forked from intel/policy-library-intel-azure
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sentinel.hcl
78 lines (63 loc) · 3.79 KB
/
sentinel.hcl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
import "static" "approved" {
source = "./approved.json"
format = "json"
}
import "module" "policy_summary" {
source = "./modules/policysummary.sentinel"
}
policy "intel-azure-cosmosdb-cassandra-datacenter-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-cosmosdb-cassandra-datacenter-deny-unapproved-instance-types/intel-azurerm-cosmosdb-cassandra-datacenter-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-kubernetes-cluster-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-kubernetes-cluster-deny-unapproved-instance-types/intel-azurerm-kubernetes-cluster-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-linux-virtual-machine-deny-unapproved-instance-type" {
source = "./policies/intel-azurerm-linux-virtual-machine-deny-unapproved-instance-type/intel-azurerm-linux-virtual-machine-deny-unapproved-instance-type.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-mysql-flexible-server-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-mysql-flexible-server-deny-unapproved-instance-types/intel-azurerm-mysql-flexible-server-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-mssql-server-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-mssql-server-deny-unapproved-instance-types/intel-azurerm-mssql-server-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-postgresql-flexible-server-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-postgresql-flexible-server-deny-unapproved-instance-types/intel-azurerm-postgresql-flexible-server-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-service-plan-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-service-plan-deny-unapproved-instance-types/intel-azurerm-service-plan-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-databricks-cluster-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-databricks-cluster-deny-unapproved-instance-types/intel-azurerm-databricks-cluster-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-databricks-cluster-deny-unapproved-runtime-engines" {
source = "./policies/intel-azurerm-databricks-cluster-deny-unapproved-runtime-engines/intel-azurerm-databricks-cluster-deny-unapproved-runtime-engines.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-databricks-cluster-enforce-spark-conf" {
source = "./policies/intel-azurerm-databricks-cluster-enforce-spark-conf/intel-azurerm-databricks-cluster-enforce-spark-conf.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azure-kusto-cluster-deny-unapproved-instance-types" {
source = "./policies/intel-azurerm-kusto-cluster-deny-unapproved-instance-types/intel-azurerm-kusto-cluster-deny-unapproved-instance-types.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-windows-web-app-enforce-http2" {
source = "./policies/intel-azurerm-windows-web-app-enforce-http2/intel-azurerm-windows-web-app-enforce-http2.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-windows-web-app-enforce-https" {
source = "./policies/intel-azurerm-windows-web-app-enforce-https/intel-azurerm-windows-web-app-enforce-https.sentinel"
enforcement_level = "soft-mandatory"
}
policy "intel-azurerm-windows-web-app-enforce-minimum-tls" {
source = "./policies/intel-azurerm-windows-web-app-enforce-minimum-tls/intel-azurerm-windows-web-app-enforce-minimum-tls.sentinel"
enforcement_level = "soft-mandatory"
}