A PolicyPack contains one or more policies to enforce.
For example:
import * as aws from "@pulumi/aws";import { PolicyPack, validateResourceOfType } from "@pulumi/policy";new PolicyPack("aws-typescript", { policies: [{ name: "s3-no-public-read", description: "Prohibits setting the publicRead or publicReadWrite permission on AWS S3 buckets.", enforcementLevel: "mandatory", validateResource: validateResourceOfType(aws.s3.Bucket, (bucket, args, reportViolation) => { if (bucket.acl === "public-read" || bucket.acl === "public-read-write") { reportViolation("You cannot set public-read or public-read-write on an S3 bucket."); } }), }],}); Copy
import * as aws from "@pulumi/aws";import { PolicyPack, validateResourceOfType } from "@pulumi/policy";new PolicyPack("aws-typescript", { policies: [{ name: "s3-no-public-read", description: "Prohibits setting the publicRead or publicReadWrite permission on AWS S3 buckets.", enforcementLevel: "mandatory", validateResource: validateResourceOfType(aws.s3.Bucket, (bucket, args, reportViolation) => { if (bucket.acl === "public-read" || bucket.acl === "public-read-write") { reportViolation("You cannot set public-read or public-read-write on an S3 bucket."); } }), }],});
Optional
Generated using TypeDoc
A PolicyPack contains one or more policies to enforce.
For example: