@pulumi/policy

A framework for writing policy as code

Usage no npm install needed!

<script type="module">
  import pulumiPolicy from 'https://cdn.skypack.dev/@pulumi/policy';
</script>

README

Build Status

Pulumi Policy SDK

Overview

Define and manage policy for cloud resources deployed through Pulumi.

Policy rules run during pulumi preview and pulumi up, asserting that cloud resource definitions comply with the policy immediately before they are created or updated.

During preview, every rule is run on every resource, and policy violations are batched up into a final report. During the update, the first policy violation will halt the deployment.

Policy violations can have enforcement levels that are advisory, which results in a printed warning, or mandatory, which results in an error after pulumi preview or pulumi up completes.

Getting Started

Please see Get Started with Policy as Code to get started authoring and enforcing policies.

Documentation

For additional documentation, guides, best practices, and FAQs, see Policy as Code.

Examples

Looking for examples? Please refer to the examples repo.

Languages

Policies can be written in TypeScript/JavaScript (Node.js) or Python and can be applied to Pulumi stacks written in any language.

| | Language | Status | | -- | -------- | ------ | | | TypeScript | Stable | | | JavaScript | Stable | | | Python | Preview | | | .NET | Coming Soon | | | Go | Coming Soon |