Policy pack best practices
Each policy within a Policy Pack must have a unique name. The name must be between 1 and 100 characters and may contain letters, numbers, dashes (-), underscores (_) or periods(.).
Policy assertions should be complete sentences, specify the resource that has violated the policy, and be written using an imperative tone. The table below provides some examples of policy assertions.
|“The RDS cluster must specify a node type.”||“Specify a node type.”|
|“The RDS cluster must have audit logging enabled.”||“Enable audit logging.”|
This format provides a clear message to end users, allowing them to understand what and why a policy is failing.
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.