zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enable additional recommended org policies (#2050) 

* Enable additional recommended org policies

Fixes #2047
Fixes #2048
Fixes #2049

* Fix tests
This commit is contained in:
Julio Castillo 2024-02-05 10:46:37 +01:00 committed by GitHub
parent 5448ab64c4
commit e219d92217
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
fast/stages/0-bootstrap/data/org-policies/compute.yaml
View File

@ -55,13 +55,13 @@ compute.trustedImageProjects:
# rules:
# - enforce: true
# compute.disableNestedVirtualization:
# rules:
# - enforce: true
compute.disableNestedVirtualization:
rules:
- enforce: true
# compute.disableSerialPortAccess:
# rules:
# - enforce: true
compute.disableSerialPortAccess:
rules:
- enforce: true
# compute.restrictCloudNATUsage:
# rules:

4
fast/stages/0-bootstrap/data/org-policies/storage.yaml
View File

@ -9,3 +9,7 @@
storage.uniformBucketLevelAccess:
rules:
- enforce: true
storage.publicAccessPrevention:
rules:
- enforce: true

4
tests/fast/stages/s0_bootstrap/checklist.yaml
View File

@ -362,7 +362,7 @@ counts:
google_essential_contacts_contact: 3
google_logging_organization_sink: 3
google_logging_project_bucket_config: 3
google_org_policy_policy: 17
google_org_policy_policy: 20
google_organization_iam_binding: 25
google_organization_iam_custom_role: 6
google_organization_iam_member: 35
@ -381,4 +381,4 @@ counts:
google_tags_tag_key: 1
google_tags_tag_value: 1
modules: 16
resources: 186
resources: 189

6
tests/fast/stages/s0_bootstrap/simple.yaml
View File

@ -1,4 +1,4 @@
# Copyright 2023 Google LLC
# Copyright 2024 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -18,7 +18,7 @@ counts:
google_essential_contacts_contact: 3
google_logging_organization_sink: 3
google_logging_project_bucket_config: 3
google_org_policy_policy: 17
google_org_policy_policy: 20
google_organization_iam_binding: 25
google_organization_iam_custom_role: 6
google_organization_iam_member: 22
@ -38,7 +38,7 @@ counts:
google_tags_tag_value: 1
local_file: 7
modules: 15
resources: 177
resources: 180
outputs:
custom_roles: