guardrails-samples
guardrails-samples copied to clipboard
turbot
Provides teams using Turbot Guardrails automation and configuration-as-code examples for effective management of Guardrails for their organization.
When using the run-policies.sh script, it outputs `[INFO]` status text that incorrectly refers to `Control` instead of `Policy Value` https://github.com/turbot/guardrails-samples/blob/e76b436bdd747df3359ab15f95c1225c89bc78d1/api_examples/graphql/clients/shell/run-policies/run-policies.sh#L67
when setting `--sleep-time 60 ` parameter, there is no backoff time before the 1st and second batch of of the run. the scripts do not begin backoff until the 3rd...
The `,,` operator is not available in the default version of `/bin/bash` installed on MacOS. our shell scripts use this operator here: https://github.com/turbot/guardrails-samples/blob/e76b436bdd747df3359ab15f95c1225c89bc78d1/api_examples/graphql/clients/shell/run-controls/run-controls.sh#L164 Current workaround is to use `brew` to...
Today the getting started baseline for tagging in is an example template to manage tags. These are always in alarm for getting started as the template is unique. For a...
**Is your feature request related to a problem? Please describe.** I have a new submission for the TDK. Suppose you want to check if the Password reuse policy has AT...
**Control objective** A clear and concise description of what the control objective is and why it's important. BigQuery DataSet resource has an `access` attribute, This attribute lists out service principals...
**Control objective** Generate a Report if Role Trust Policy is modified from baseline. **Remediation** - Remove untrusted access on IAM roles. **Categories** - Access Management - Security **Additional context** Source...
**Control objective** Generate a Report if IAM Role Trust Policy is modified from baseline. **Remediation** - Remove an IDP if it is not in the approved list of providers. **Categories**...
**Control objective** Identify IAM roles with privileged access across all federated roles. - Admin access defined as "Action": "*:*" - IAM Full access defined as "Action": "iam:*" **Remediation** - Strip...
**Control objective** - Real time alert for any role or user created with admin access or IAM full access. - Admin access defined as `"Action": "*:*"` - IAM Full access...