1. Tutorials
  2. Creating a Custom Policy Pack

Creating a Custom Policy Pack

Pulumi CrossGuard uses policy-as-code to enforce best practices, compliance, and security requirements across your infrastructure. A policy pack is a collection of policies that can be versioned and reused across projects.

In this tutorial, you will create a custom policy pack that enforces specific policies for your AWS resources, such as enabling S3 bucket versioning, restricting EC2 instance types, and requiring resource tags.

In this tutorial, you'll learn:

  • How to define policies using Python and TypeScript
  • How to group policies into a policy pack
  • How to deploy and enforce the policy pack in your Pulumi organization
  • How to define policies involving multiple resources

Prerequisites:

This tutorial focuses on AWS resources, however the same techniques can be used for any resource managed by Pulumi, including Azure, Google Cloud Platform, Kubernetes, etc.

Topics

This tutorial has 3 topics and takes about 15 minutes to complete.