Update readme and add custom baseline (#48)
This commit is contained in:
Bernie White
GitHub
Родитель
abc1d99ac8
Коммит
48aead2df9
|
|
@ -0,0 +1,24 @@
|
|||
# Copyright (c) Microsoft Corporation.
|
||||
# Licensed under the MIT License.
|
||||
|
||||
# IMPORTANT:
|
||||
# This file demonstrates defining YAML-based custom baselines.
|
||||
# To correctly find resources set binding configuration within ps-rule.yaml.
|
||||
# See: https://azure.github.io/PSRule.Rules.Azure/customization/using-custom-rules/#set-binding-configuration
|
||||
|
||||
---
|
||||
# Synopsis: This is an example of a custom baseline that only includes GA rules in the Security and Reliability pillars.
|
||||
apiVersion: github.com/microsoft/PSRule/v1
|
||||
kind: Baseline
|
||||
metadata:
|
||||
name: Org.Custom.Baseline
|
||||
spec:
|
||||
rule:
|
||||
tag:
|
||||
release: GA
|
||||
Azure.WAF/pillar:
|
||||
- Security
|
||||
- Reliability
|
||||
|
||||
exclude:
|
||||
- Azure.Deployment.Name
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
# Licensed under the MIT License.
|
||||
|
||||
# Note:
|
||||
# This files demonstrates using YAML-based rules.
|
||||
# This file demonstrates defining YAML-based custom rules.
|
||||
|
||||
---
|
||||
# Synopsis: Azure resource must have an valid env tag set.
|
||||
|
|
|
|||
|
|
@ -22,13 +22,14 @@ This repository includes:
|
|||
- The `ms-analyze.yaml` file can be ignore or removed as this will not execute outside this repository.
|
||||
- **Azure Pipelines** — Starter pipeline for checking Azure Infrastructure as Code (IaC).
|
||||
- Use the files in the `.pipelines/` to check your Azure IaC with Azure Pipelines.
|
||||
- **Custom rules** — Example custom rules that enforce organization specific requirements.
|
||||
- Use the files in the `.ps-rule/` folder to configure custom rules.
|
||||
- **Custom rules and baselines** — Example custom rules and baselines.
|
||||
- These rules and baselines can be used to enforce organization specific requirements.
|
||||
- Use the files in the `.ps-rule/` folder to configure custom rules and baselines.
|
||||
- **PSRule options** — Example options for using PSRule for Azure.
|
||||
- PSRule options are configures within `ps-rule.yaml`.
|
||||
- Options include suppressing rules, configuring input/ output, and any rules modules.
|
||||
|
||||
> **ARM templates**
|
||||
> [!NOTE]
|
||||
> PSRule for Azure supports ARM templates in addition to Bicep code.
|
||||
> However going forward this repository will focus on Bicep deployments and modules.
|
||||
> Existing ARM templates samples are no longer maintained and have been archived.
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ binding:
|
|||
- type
|
||||
- resourceType
|
||||
|
||||
# Do not warn if an Azure resource or related object has no rules.
|
||||
execution:
|
||||
unprocessedObject: Ignore
|
||||
|
||||
|
|
@ -26,6 +27,7 @@ include:
|
|||
module:
|
||||
- PSRule.Rules.Azure
|
||||
|
||||
# Configure the output culture for recommendations.
|
||||
output:
|
||||
culture:
|
||||
- 'en-US'
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче