
@WhatsARanjit
Created October 7, 2019 11:13
Prohibit defining any S3 buckets
import "tfplan"

# Get all S3 buckets from all modules
get_s3_buckets = func() {
  buckets = []
  for tfplan.module_paths as path {
    buckets += values(tfplan.module(path).resources.aws_s3_bucket) else []
  }
  return buckets
}

s3_buckets = get_s3_buckets()

# Rule to restrict usage of S3 buckets
no_s3 = rule {
  length(s3_buckets) < 1
}

# Main rule that requires other rules to be true
main = rule {
  no_s3 else true
}