kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
15c7951f971f5dbbfd2f190307b86923aa87d216
hunfabric/tests/modules/project/org_policies.tfvars
Julio Castillo 15c7951f97 Remove hcl2 python dependency (#3836) 
* Migrate organization policy tests to standard tftest.yaml.

Remove python-hcl2 dependency and the custom python test file.
Consolidate the boolean, list, and custom constraint tests into a single `org_policies` test with a factory equivalent.
Restructure factory files into a unified `factory/` directory.

* Migrate project and folder org policy tests to standard tftest.yaml.

Replicate the organization module changes for project and folder modules:
- Remove python-hcl2 dependency usages and conftest.py.
- Remove custom python test files for org policies.
- Consolidate org policy tests into a single `org_policies` test with a factory equivalent.
- Unify factory files into a `factory/` directory.
- Remove redundant common.tfvars in folder module.

* Add factory policies directory to duplicate-diff checks.

Ensure the YAML factory files for org policies remain perfectly identical across the organization, folder, and project modules.

* Remove unused deepdiff dependency from requirements and pre-commit config.

* Add boilerplate

* fix broken link
2026-04-08 08:14:16 +02:00

62 lines
1.3 KiB
HCL
Raw Blame History

org_policies = {
"iam.disableServiceAccountKeyCreation" = {
rules = [{ enforce = true }]
}
"iam.disableServiceAccountKeyUpload" = {
rules = [
{
condition = {
expression = "resource.matchTagId(aa, bb)"
title = "condition"
description = "test condition"
location = "xxx"
}
enforce = true
},
{
enforce = false
}
]
}
"compute.vmExternalIpAccess" = {
rules = [{ deny = { all = true } }]
}
"iam.allowedPolicyMemberDomains" = {
inherit_from_parent = true
rules = [{
allow = {
values = ["C0xxxxxxx", "C0yyyyyyy"]
}
}]
}
"compute.restrictLoadBalancerCreationForTypes" = {
rules = [
{
condition = {
expression = "resource.matchTagId(aa, bb)"
title = "condition"
description = "test condition"
location = "xxx"
}
allow = {
values = ["EXTERNAL_1"]
}
},
{
condition = {
expression = "resource.matchTagId(cc, dd)"
title = "condition2"
description = "test condition2"
location = "xxx"
}
allow = {
all = true
}
},
{
deny = { values = ["in:EXTERNAL"] }
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink