UNPKG

@pulumi/google-compliance-policies

Version:

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

117 lines (116 loc) 5.78 kB
"use strict"; // Copyright 2016-2024, Pulumi Corporation. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // ------------------------------- WARNING ------------------------------------- // This file was programmatically generated. Do not edit unless you know what // you're doing. // ------------------------------- WARNING ------------------------------------- Object.defineProperty(exports, "__esModule", { value: true }); exports.ServicePerimeter = exports.AccessPolicy = exports.AccessLevel = void 0; const policy_1 = require("@pulumi/policy"); const compliance_policy_manager_1 = require("@pulumi/compliance-policy-manager"); const v1beta_1 = require("@pulumi/google-native/accesscontextmanager/v1beta"); const v1beta_2 = require("@pulumi/google-native/accesscontextmanager/v1beta"); const v1beta_3 = require("@pulumi/google-native/accesscontextmanager/v1beta"); var AccessLevel; (function (AccessLevel) { /** * Disallow the use of non-stable (Beta) resouces (accesscontextmanager.v1beta.AccessLevel). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ AccessLevel.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-accesscontextmanager-v1beta-accesslevel-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (accesscontextmanager.v1beta.AccessLevel).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_1.AccessLevel, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Accesscontextmanager AccessLevel shouldn't use an unstable API (accesscontextmanager.v1beta.AccessLevel)."); }), }, vendors: ["google"], services: ["accesscontextmanager"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(AccessLevel || (AccessLevel = {})); exports.AccessLevel = AccessLevel; var AccessPolicy; (function (AccessPolicy) { /** * Disallow the use of non-stable (Beta) resouces (accesscontextmanager.v1beta.AccessPolicy). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ AccessPolicy.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-accesscontextmanager-v1beta-accesspolicy-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (accesscontextmanager.v1beta.AccessPolicy).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_2.AccessPolicy, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Accesscontextmanager AccessPolicy shouldn't use an unstable API (accesscontextmanager.v1beta.AccessPolicy)."); }), }, vendors: ["google"], services: ["accesscontextmanager"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(AccessPolicy || (AccessPolicy = {})); exports.AccessPolicy = AccessPolicy; var ServicePerimeter; (function (ServicePerimeter) { /** * Disallow the use of non-stable (Beta) resouces (accesscontextmanager.v1beta.ServicePerimeter). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ ServicePerimeter.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-accesscontextmanager-v1beta-serviceperimeter-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (accesscontextmanager.v1beta.ServicePerimeter).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_3.ServicePerimeter, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Accesscontextmanager ServicePerimeter shouldn't use an unstable API (accesscontextmanager.v1beta.ServicePerimeter)."); }), }, vendors: ["google"], services: ["accesscontextmanager"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(ServicePerimeter || (ServicePerimeter = {})); exports.ServicePerimeter = ServicePerimeter;