zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix documentation for organization-policy module (#726)

This commit is contained in:
Aleksandr Averbukh 2022-07-10 09:12:47 +02:00 committed by GitHub
parent e21a0f7541
commit f3dd8692ba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/organization-policy/README.md
View File

@ -125,7 +125,7 @@ cat ./policies/baseline.yaml
organizations/1234567890:
constraints/compute.vmExternalIpAccess:
rules:
- deny_all: true
- deny: [] # Stands for deny_all = true
folders/1234567890:
compute.vmCanIpForward:
inherit_from_parent: false
@ -136,13 +136,12 @@ projects/my-project-id:
run.allowedIngress:
inherit_from_parent: true
rules:
- condition:
- allow: ['internal'] # Stands for values.allowed_values
condition:
description: allow internal ingress
expression: resource.matchTag("123456789/environment", "prod")
location: test.log
title: allow-for-prod
values:
allowed_values: ['internal']
iam.allowServiceAccountCredentialLifetimeExtension:
rules:
- deny: [] # Stands for deny_all = true