1. Docs
  2. Pulumi IaC
  3. Using Pulumi
  4. Policy as code
  5. Best practices

Policy pack best practices

    Naming Policies

    Each policy within a Policy Pack must have a unique name. The name must be between 1 and 100 characters and may contain letters, numbers, dashes (-), underscores (_) or periods(.).

    Policy Assertions

    Policy assertions should be complete sentences, specify the resource that has violated the policy, and be written using an imperative tone. The table below provides some examples of policy assertions.

    “The RDS cluster must specify a node type.”“Specify a node type.”
    “The RDS cluster must have audit logging enabled.”“Enable audit logging.”

    This format provides a clear message to end users, allowing them to understand what and why a policy is failing.

      PulumiUP 2024. Watch On Demand.