kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cf31d83b1533833e549c6b8653428688fe40ebf7
hunfabric/blueprints/data-solutions/shielded-folder/data/org-policies/compute.yaml
Simone Ruffilli 4decc641bb Stop wrapping yamldecode with try() (#1812)
2023-10-25 16:16:05 +02:00

95 lines
1.7 KiB
YAML
Raw Blame History

# skip boilerplate check
#
# sample subset of useful organization policies, edit to suit requirements
---
# Terraform will be unable to decode this file if it does not contain valid YAML
# You can retain `---` (start of the document) to indicate an empty document.
compute.disableGuestAttributesAccess:
rules:
- enforce: true
compute.requireOsLogin:
rules:
- enforce: true
compute.restrictLoadBalancerCreationForTypes:
rules:
- allow:
values:
- in:INTERNAL
compute.skipDefaultNetworkCreation:
rules:
- enforce: true
compute.vmExternalIpAccess:
rules:
- deny:
all: true
# compute.disableInternetNetworkEndpointGroup:
# rules:
# - enforce: true
# compute.disableNestedVirtualization:
# rules:
# - enforce: true
# compute.disableSerialPortAccess:
# rules:
# - enforce: true
# compute.restrictCloudNATUsage:
# rules:
# - deny:
# all: true
# compute.restrictDedicatedInterconnectUsage:
# rules:
# - deny:
# all: true
# compute.restrictPartnerInterconnectUsage:
# rules:
# - deny:
# all: true
# compute.restrictProtocolForwardingCreationForTypes:
# rules:
# - deny:
# all: true
# compute.restrictSharedVpcHostProjects:
# rules:
# - deny:
# all: true
# compute.restrictSharedVpcSubnetworks:
# rules:
# - deny:
# all: true
# compute.restrictVpcPeering:
# rules:
# - deny:
# all: true
# compute.restrictVpnPeerIPs:
# rules:
# - deny:
# all: true
# compute.restrictXpnProjectLienRemoval:
# rules:
# - enforce: true
# compute.setNewProjectDefaultToZonalDNSOnly:
# rules:
# - enforce: true
# compute.vmCanIpForward:
# rules:
# - deny:
# all: true
Reference in New Issue View Git Blame Copy Permalink