You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
It's not possible today to manage Policy Groups via the Pulumi Cloud provider (nor via the REST API, which I would assume is a pre-req for having it present in the provider).
I would like to be able to do all of the following with the provider:
Manage policy packs (publish, un-publish) from a location on disk (this could be tricky, or might be best left to the command provider, so I'm more flexible on this one)
Query published policy packs
Query (projects and) stacks (by tag)
Manage policy groups
Manage policy group policy packs (that is, the settings for each policy rule and the version of the policy pack)
Manage policy group stacks (that is, the stacks that are included in the policy group)
Out of scope, but this is what I would be doing next:
7. Trigger a Pulumi Deployments Refresh on all affected stacks and alert upon failure
Affected area/feature
The text was updated successfully, but these errors were encountered:
As part of some discussions recently we sketched out what we think these APIs could look like. Leaving notes here in case they help as input to implementing this:
We believe the assignment of a PolicyGroup to a Stack should be done through its own resource (instead of inline in the PolicyGroup or Stack).
Similarly, we believe the assignment of a PolicyPack to a PolicyGroup should be done through its own resource.
It would be really nice if the policy pack could be provided as an Archive, effectively doing the policy publish automatically from that archive (which could be a folder on disk, or an in-memory constructed policy pack, programmatically configured based inputs in the users' program!). This allows automating the lifecycle of policies completely within the provider.
Hello!
Issue details
It's not possible today to manage Policy Groups via the Pulumi Cloud provider (nor via the REST API, which I would assume is a pre-req for having it present in the provider).
I would like to be able to do all of the following with the provider:
Out of scope, but this is what I would be doing next:
7. Trigger a Pulumi Deployments Refresh on all affected stacks and alert upon failure
Affected area/feature
The text was updated successfully, but these errors were encountered: