@timmyers
Created November 14, 2022 04:03
Initial CrossGuard Policy
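import * as aws from '@pulumi/aws';
import { PolicyPack, ReportViolation, validateResourceOfType } from '@pulumi/policy';

// Policy pack that rejects IAM users created without a 'Creator' tag.
new PolicyPack('aws', {
  policies: [
    {
      name: 'required-tags',
      description: 'Certain tags are required.',
      // 'mandatory' blocks the deployment on a violation instead of only warning.
      enforcementLevel: 'mandatory',
      validateResource: [
        // Only aws.iam.User resources are checked by this policy.
        validateResourceOfType(aws.iam.User, (user, args, reportViolation) => {
          requireCreatorTag(user.tags, reportViolation);
        }),
      ],
    },
  ],
});

// Reports a violation when the 'Creator' key is absent; a missing tags map counts as absent.
function requireCreatorTag(tags: any, reportViolation: ReportViolation) {
  if ((tags || {})['Creator'] === undefined) {
    reportViolation(`A 'Creator' tag is required.`);
  }
}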