pulumi-policy
pulumi-policy copied to clipboard
Published
20 hours ago •
pulumi
pulumi
Error when logging outside of a policy
If a policy pack has any output via console.log(...) outside of a policy itself, the execution of the policy will fail.
Policy Pack code
import * as aws from "@pulumi/aws";
import { PolicyPack, validateTypedResource } from "@pulumi/policy";
console.log("This will cause an error."); // This will cause an error.
new PolicyPack("ec2", {
policies: [
{
name: "discouraged-ec2-public-ip-address",
description: "Associating public IP addresses is discouraged.",
enforcementLevel: "advisory",
validateResource: validateTypedResource(aws.ec2.Instance, (it, _, reportViolation) => {
if (it.associatePublicIpAddress === true) {
reportViolation("`associatePublicIpAddresss` should be false");
}
}),
},
],
});
Output
aws-ts-webserver % pulumi preview --policy-pack policy-as-code
Previewing update (demo):
Type Name Plan Info
pulumi:pulumi:Stack demo-aws-ts-webserver-demo 1 error
Diagnostics:
pulumi:pulumi:Stack (demo-aws-ts-webserver-demo):
error: policy pack "/Users/clstokes/cc/pulumi/sales/demos/aws-ts-webserver/policy-as-code" failed to start: /Users/clstokes/cc/pulumi/sales/demos/aws-ts-webserver/policy-as-code (analyzer) plugin [/usr/local/bin/pulumi-analyzer-policy] wrote a non-numeric port to stdout ('This will cause an error.'): strconv.Atoi: parsing "This will cause an error.": invalid syntax
Permalink: https://app.pulumi.com/clstokes/demo-aws-ts-webserver/demo/previews/3eec93b8-85c4-495e-a8f4-e79981a9038e
aws-ts-webserver %
