Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/simar7/custom-policy-with-terraform
https://github.com/simar7/custom-policy-with-terraform
Last synced: 27 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/simar7/custom-policy-with-terraform
- Owner: simar7
- Created: 2023-05-11T23:10:12.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2023-05-11T23:11:03.000Z (over 1 year ago)
- Last Synced: 2024-10-28T06:48:12.733Z (2 months ago)
- Language: Open Policy Agent
- Size: 0 Bytes
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## Demo of using custom policy with terraform
```shell
trivy config --config-policy=. --severity=CRITICAL --namespaces=user .
2023-05-11T17:08:28.108-0600 INFO Misconfiguration scanning is enabled
2023-05-11T17:08:28.908-0600 INFO Detected config files: 1
main.tf (terraform)
Tests: 1 (SUCCESSES: 0, FAILURES: 1, EXCEPTIONS: 0)
Failures: 1 (CRITICAL: 1)
CRITICAL: Rego policy rule: user.foobar.ABC001.deny
════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════
Bad buckets are bad because they are not good.
────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
main.tf:2
────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
1 resource "aws_s3_bucket" "my-bucket" {
2 [ bucket = "evil"
3 }
────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
```