pulumi-policy icon indicating copy to clipboard operation
pulumi-policy copied to clipboard

Published 20 hours ago verified publisher icon pulumi

Provide an easier way to check a resource's module/package

Open clstokes opened this issue 5 years ago • 0 comments

It will likely be common for end users to want to prohibit the use of entire modules. Currently you must do a string comparison of a value you have to guess or dig out of the provider SDKs.

Can we make this easier, much like our typedRule helper?

Current way

const policies = new PolicyPack("azure", {
    policies: [
        {
            name: "prohibited-iot",
            description: "Use of IOT services is prohibited.",
            enforcementLevel: "mandatory",
            rules: (type: string) => {
                assert(type.startsWith("azure:iot") === false); // <-- this should be easier
            },
        },
    ],
});

clstokes avatar Aug 26 '19 21:08 clstokes