@WhatsARanjit
Created October 7, 2019 11:13
Prohibit defining any s3 buckets
import "tfplan"

# Get all S3 buckets from all modules
get_s3_buckets = func() {
    buckets = []
    for tfplan.module_paths as path {
        buckets += values(tfplan.module(path).resources.aws_s3_bucket) else []
    }
    return buckets
}

s3_buckets = get_s3_buckets()

# Rule to restrict usage of S3 buckets
no_s3 = rule {
    length(s3_buckets) < 1
}

# Main rule that requires other rules to be true
main = rule {
    no_s3 else true
}