UNPKG

@pulumi/google-compliance-policies

Version:

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

179 lines (178 loc) 8.39 kB
"use strict"; // Copyright 2016-2024, Pulumi Corporation. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // ------------------------------- WARNING ------------------------------------- // This file was programmatically generated. Do not edit unless you know what // you're doing. // ------------------------------- WARNING ------------------------------------- Object.defineProperty(exports, "__esModule", { value: true }); exports.Version = exports.IngressRule = exports.DomainMapping = exports.AuthorizedCertificate = exports.App = void 0; const policy_1 = require("@pulumi/policy"); const compliance_policy_manager_1 = require("@pulumi/compliance-policy-manager"); const v1beta_1 = require("@pulumi/google-native/appengine/v1beta"); const v1beta_2 = require("@pulumi/google-native/appengine/v1beta"); const v1beta_3 = require("@pulumi/google-native/appengine/v1beta"); const v1beta_4 = require("@pulumi/google-native/appengine/v1beta"); const v1beta_5 = require("@pulumi/google-native/appengine/v1beta"); var App; (function (App) { /** * Disallow the use of non-stable (Beta) resouces (appengine.v1beta.App). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ App.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-appengine-v1beta-app-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (appengine.v1beta.App).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_1.App, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Appengine App shouldn't use an unstable API (appengine.v1beta.App)."); }), }, vendors: ["google"], services: ["appengine"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(App || (App = {})); exports.App = App; var AuthorizedCertificate; (function (AuthorizedCertificate) { /** * Disallow the use of non-stable (Beta) resouces (appengine.v1beta.AuthorizedCertificate). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ AuthorizedCertificate.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-appengine-v1beta-authorizedcertificate-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (appengine.v1beta.AuthorizedCertificate).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_2.AuthorizedCertificate, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Appengine AuthorizedCertificate shouldn't use an unstable API (appengine.v1beta.AuthorizedCertificate)."); }), }, vendors: ["google"], services: ["appengine"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(AuthorizedCertificate || (AuthorizedCertificate = {})); exports.AuthorizedCertificate = AuthorizedCertificate; var DomainMapping; (function (DomainMapping) { /** * Disallow the use of non-stable (Beta) resouces (appengine.v1beta.DomainMapping). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ DomainMapping.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-appengine-v1beta-domainmapping-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (appengine.v1beta.DomainMapping).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_3.DomainMapping, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Appengine DomainMapping shouldn't use an unstable API (appengine.v1beta.DomainMapping)."); }), }, vendors: ["google"], services: ["appengine"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(DomainMapping || (DomainMapping = {})); exports.DomainMapping = DomainMapping; var IngressRule; (function (IngressRule) { /** * Disallow the use of non-stable (Beta) resouces (appengine.v1beta.IngressRule). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ IngressRule.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-appengine-v1beta-ingressrule-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (appengine.v1beta.IngressRule).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_4.IngressRule, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Appengine IngressRule shouldn't use an unstable API (appengine.v1beta.IngressRule)."); }), }, vendors: ["google"], services: ["appengine"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(IngressRule || (IngressRule = {})); exports.IngressRule = IngressRule; var Version; (function (Version) { /** * Disallow the use of non-stable (Beta) resouces (appengine.v1beta.Version). * * @severity medium * @frameworks none * @topics api, beta, unstable * @link https://cloud.google.com/apis/design/versioning */ Version.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({ resourceValidationPolicy: { name: "googlenative-appengine-v1beta-version-disallow-beta-resource", description: "Disallow the use of non-stable (Beta) resouces (appengine.v1beta.Version).", configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema, enforcementLevel: "advisory", validateResource: (0, policy_1.validateResourceOfType)(v1beta_5.Version, (_, args, reportViolation) => { if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) { return; } reportViolation("Appengine Version shouldn't use an unstable API (appengine.v1beta.Version)."); }), }, vendors: ["google"], services: ["appengine"], severity: "medium", topics: ["api", "unstable", "beta"], }); })(Version || (Version = {})); exports.Version = Version;