@pulumi/google-compliance-policies
Version:
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
396 lines (395 loc) • 20 kB
JavaScript
"use strict";
// Copyright 2016-2024, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// ------------------------------- WARNING -------------------------------------
// This file was programmatically generated. Do not edit unless you know what
// you're doing.
// ------------------------------- WARNING -------------------------------------
Object.defineProperty(exports, "__esModule", { value: true });
exports.PeeringIamPolicy = exports.PeeringIamMember = exports.PeeringIamBinding = exports.Peering = exports.DomainIamPolicy = exports.DomainIamMember = exports.DomainIamBinding = exports.DomainBackupIamPolicy = exports.DomainBackupIamMember = exports.DomainBackupIamBinding = exports.Domain = exports.Backup = void 0;
const policy_1 = require("@pulumi/policy");
const compliance_policy_manager_1 = require("@pulumi/compliance-policy-manager");
const v1beta1_1 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_2 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_3 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_4 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_5 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_6 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_7 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_8 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_9 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_10 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_11 = require("@pulumi/google-native/managedidentities/v1beta1");
const v1beta1_12 = require("@pulumi/google-native/managedidentities/v1beta1");
var Backup;
(function (Backup) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.Backup).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
Backup.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-backup-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.Backup).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_1.Backup, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities Backup shouldn't use an unstable API (managedidentities.v1beta1.Backup).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(Backup || (Backup = {}));
exports.Backup = Backup;
var Domain;
(function (Domain) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.Domain).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
Domain.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domain-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.Domain).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_2.Domain, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities Domain shouldn't use an unstable API (managedidentities.v1beta1.Domain).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(Domain || (Domain = {}));
exports.Domain = Domain;
var DomainBackupIamBinding;
(function (DomainBackupIamBinding) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainBackupIamBinding).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
DomainBackupIamBinding.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domainbackupiambinding-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainBackupIamBinding).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_3.DomainBackupIamBinding, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities DomainBackupIamBinding shouldn't use an unstable API (managedidentities.v1beta1.DomainBackupIamBinding).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(DomainBackupIamBinding || (DomainBackupIamBinding = {}));
exports.DomainBackupIamBinding = DomainBackupIamBinding;
var DomainBackupIamMember;
(function (DomainBackupIamMember) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainBackupIamMember).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
DomainBackupIamMember.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domainbackupiammember-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainBackupIamMember).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_4.DomainBackupIamMember, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities DomainBackupIamMember shouldn't use an unstable API (managedidentities.v1beta1.DomainBackupIamMember).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(DomainBackupIamMember || (DomainBackupIamMember = {}));
exports.DomainBackupIamMember = DomainBackupIamMember;
var DomainBackupIamPolicy;
(function (DomainBackupIamPolicy) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainBackupIamPolicy).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
DomainBackupIamPolicy.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domainbackupiampolicy-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainBackupIamPolicy).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_5.DomainBackupIamPolicy, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities DomainBackupIamPolicy shouldn't use an unstable API (managedidentities.v1beta1.DomainBackupIamPolicy).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(DomainBackupIamPolicy || (DomainBackupIamPolicy = {}));
exports.DomainBackupIamPolicy = DomainBackupIamPolicy;
var DomainIamBinding;
(function (DomainIamBinding) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainIamBinding).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
DomainIamBinding.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domainiambinding-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainIamBinding).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_6.DomainIamBinding, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities DomainIamBinding shouldn't use an unstable API (managedidentities.v1beta1.DomainIamBinding).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(DomainIamBinding || (DomainIamBinding = {}));
exports.DomainIamBinding = DomainIamBinding;
var DomainIamMember;
(function (DomainIamMember) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainIamMember).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
DomainIamMember.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domainiammember-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainIamMember).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_7.DomainIamMember, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities DomainIamMember shouldn't use an unstable API (managedidentities.v1beta1.DomainIamMember).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(DomainIamMember || (DomainIamMember = {}));
exports.DomainIamMember = DomainIamMember;
var DomainIamPolicy;
(function (DomainIamPolicy) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainIamPolicy).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
DomainIamPolicy.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-domainiampolicy-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.DomainIamPolicy).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_8.DomainIamPolicy, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities DomainIamPolicy shouldn't use an unstable API (managedidentities.v1beta1.DomainIamPolicy).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(DomainIamPolicy || (DomainIamPolicy = {}));
exports.DomainIamPolicy = DomainIamPolicy;
var Peering;
(function (Peering) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.Peering).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
Peering.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-peering-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.Peering).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_9.Peering, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities Peering shouldn't use an unstable API (managedidentities.v1beta1.Peering).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(Peering || (Peering = {}));
exports.Peering = Peering;
var PeeringIamBinding;
(function (PeeringIamBinding) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.PeeringIamBinding).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
PeeringIamBinding.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-peeringiambinding-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.PeeringIamBinding).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_10.PeeringIamBinding, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities PeeringIamBinding shouldn't use an unstable API (managedidentities.v1beta1.PeeringIamBinding).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(PeeringIamBinding || (PeeringIamBinding = {}));
exports.PeeringIamBinding = PeeringIamBinding;
var PeeringIamMember;
(function (PeeringIamMember) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.PeeringIamMember).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
PeeringIamMember.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-peeringiammember-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.PeeringIamMember).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_11.PeeringIamMember, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities PeeringIamMember shouldn't use an unstable API (managedidentities.v1beta1.PeeringIamMember).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(PeeringIamMember || (PeeringIamMember = {}));
exports.PeeringIamMember = PeeringIamMember;
var PeeringIamPolicy;
(function (PeeringIamPolicy) {
/**
* Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.PeeringIamPolicy).
*
* @severity medium
* @frameworks none
* @topics api, beta, unstable
* @link https://cloud.google.com/apis/design/versioning
*/
PeeringIamPolicy.disallowBetaResource = compliance_policy_manager_1.policyManager.registerPolicy({
resourceValidationPolicy: {
name: "googlenative-managedidentities-v1beta1-peeringiampolicy-disallow-beta-resource",
description: "Disallow the use of non-stable (Beta) resouces (managedidentities.v1beta1.PeeringIamPolicy).",
configSchema: compliance_policy_manager_1.policyManager.policyConfigSchema,
enforcementLevel: "advisory",
validateResource: (0, policy_1.validateResourceOfType)(v1beta1_12.PeeringIamPolicy, (_, args, reportViolation) => {
if (!compliance_policy_manager_1.policyManager.shouldEvalPolicy(args)) {
return;
}
reportViolation("Managedidentities PeeringIamPolicy shouldn't use an unstable API (managedidentities.v1beta1.PeeringIamPolicy).");
}),
},
vendors: ["google"],
services: ["managedidentities"],
severity: "medium",
topics: ["api", "unstable", "beta"],
});
})(PeeringIamPolicy || (PeeringIamPolicy = {}));
exports.PeeringIamPolicy = PeeringIamPolicy;