1. Packages
  2. Harness Provider
  3. API Docs
  4. governance
  5. RuleEnforcement
Harness v0.4.4 published on Tuesday, Nov 12, 2024 by Pulumi

harness.governance.RuleEnforcement

Explore with Pulumi AI

harness logo
Harness v0.4.4 published on Tuesday, Nov 12, 2024 by Pulumi

    Resource for creating, updating, and managing rule enforcement.

    Create RuleEnforcement Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new RuleEnforcement(name: string, args: RuleEnforcementArgs, opts?: CustomResourceOptions);
    @overload
    def RuleEnforcement(resource_name: str,
                        args: RuleEnforcementArgs,
                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def RuleEnforcement(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        cloud_provider: Optional[str] = None,
                        execution_schedule: Optional[str] = None,
                        execution_timezone: Optional[str] = None,
                        target_accounts: Optional[Sequence[str]] = None,
                        description: Optional[str] = None,
                        is_dry_run: Optional[bool] = None,
                        is_enabled: Optional[bool] = None,
                        name: Optional[str] = None,
                        rule_ids: Optional[Sequence[str]] = None,
                        rule_set_ids: Optional[Sequence[str]] = None,
                        target_regions: Optional[Sequence[str]] = None)
    func NewRuleEnforcement(ctx *Context, name string, args RuleEnforcementArgs, opts ...ResourceOption) (*RuleEnforcement, error)
    public RuleEnforcement(string name, RuleEnforcementArgs args, CustomResourceOptions? opts = null)
    public RuleEnforcement(String name, RuleEnforcementArgs args)
    public RuleEnforcement(String name, RuleEnforcementArgs args, CustomResourceOptions options)
    
    type: harness:governance:RuleEnforcement
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args RuleEnforcementArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RuleEnforcementArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RuleEnforcementArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RuleEnforcementArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RuleEnforcementArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var ruleEnforcementResource = new Harness.Governance.RuleEnforcement("ruleEnforcementResource", new()
    {
        CloudProvider = "string",
        ExecutionSchedule = "string",
        ExecutionTimezone = "string",
        TargetAccounts = new[]
        {
            "string",
        },
        Description = "string",
        IsDryRun = false,
        IsEnabled = false,
        Name = "string",
        RuleIds = new[]
        {
            "string",
        },
        RuleSetIds = new[]
        {
            "string",
        },
        TargetRegions = new[]
        {
            "string",
        },
    });
    
    example, err := governance.NewRuleEnforcement(ctx, "ruleEnforcementResource", &governance.RuleEnforcementArgs{
    	CloudProvider:     pulumi.String("string"),
    	ExecutionSchedule: pulumi.String("string"),
    	ExecutionTimezone: pulumi.String("string"),
    	TargetAccounts: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Description: pulumi.String("string"),
    	IsDryRun:    pulumi.Bool(false),
    	IsEnabled:   pulumi.Bool(false),
    	Name:        pulumi.String("string"),
    	RuleIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	RuleSetIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	TargetRegions: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    })
    
    var ruleEnforcementResource = new RuleEnforcement("ruleEnforcementResource", RuleEnforcementArgs.builder()
        .cloudProvider("string")
        .executionSchedule("string")
        .executionTimezone("string")
        .targetAccounts("string")
        .description("string")
        .isDryRun(false)
        .isEnabled(false)
        .name("string")
        .ruleIds("string")
        .ruleSetIds("string")
        .targetRegions("string")
        .build());
    
    rule_enforcement_resource = harness.governance.RuleEnforcement("ruleEnforcementResource",
        cloud_provider="string",
        execution_schedule="string",
        execution_timezone="string",
        target_accounts=["string"],
        description="string",
        is_dry_run=False,
        is_enabled=False,
        name="string",
        rule_ids=["string"],
        rule_set_ids=["string"],
        target_regions=["string"])
    
    const ruleEnforcementResource = new harness.governance.RuleEnforcement("ruleEnforcementResource", {
        cloudProvider: "string",
        executionSchedule: "string",
        executionTimezone: "string",
        targetAccounts: ["string"],
        description: "string",
        isDryRun: false,
        isEnabled: false,
        name: "string",
        ruleIds: ["string"],
        ruleSetIds: ["string"],
        targetRegions: ["string"],
    });
    
    type: harness:governance:RuleEnforcement
    properties:
        cloudProvider: string
        description: string
        executionSchedule: string
        executionTimezone: string
        isDryRun: false
        isEnabled: false
        name: string
        ruleIds:
            - string
        ruleSetIds:
            - string
        targetAccounts:
            - string
        targetRegions:
            - string
    

    RuleEnforcement Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The RuleEnforcement resource accepts the following input properties:

    CloudProvider string
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    ExecutionSchedule string
    Execution schedule in cron format.
    ExecutionTimezone string
    Timezone for the execution schedule.
    TargetAccounts List<string>
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    Description string
    Description for rule enforcement.
    IsDryRun bool
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    IsEnabled bool
    Indicates if the rule enforcement is enabled. This by default is set to true.
    Name string
    Name of the rule enforcement.
    RuleIds List<string>
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    RuleSetIds List<string>
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    TargetRegions List<string>
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    CloudProvider string
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    ExecutionSchedule string
    Execution schedule in cron format.
    ExecutionTimezone string
    Timezone for the execution schedule.
    TargetAccounts []string
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    Description string
    Description for rule enforcement.
    IsDryRun bool
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    IsEnabled bool
    Indicates if the rule enforcement is enabled. This by default is set to true.
    Name string
    Name of the rule enforcement.
    RuleIds []string
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    RuleSetIds []string
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    TargetRegions []string
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloudProvider String
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    executionSchedule String
    Execution schedule in cron format.
    executionTimezone String
    Timezone for the execution schedule.
    targetAccounts List<String>
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    description String
    Description for rule enforcement.
    isDryRun Boolean
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    isEnabled Boolean
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name String
    Name of the rule enforcement.
    ruleIds List<String>
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    ruleSetIds List<String>
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    targetRegions List<String>
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloudProvider string
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    executionSchedule string
    Execution schedule in cron format.
    executionTimezone string
    Timezone for the execution schedule.
    targetAccounts string[]
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    description string
    Description for rule enforcement.
    isDryRun boolean
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    isEnabled boolean
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name string
    Name of the rule enforcement.
    ruleIds string[]
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    ruleSetIds string[]
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    targetRegions string[]
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloud_provider str
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    execution_schedule str
    Execution schedule in cron format.
    execution_timezone str
    Timezone for the execution schedule.
    target_accounts Sequence[str]
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    description str
    Description for rule enforcement.
    is_dry_run bool
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    is_enabled bool
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name str
    Name of the rule enforcement.
    rule_ids Sequence[str]
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    rule_set_ids Sequence[str]
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    target_regions Sequence[str]
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloudProvider String
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    executionSchedule String
    Execution schedule in cron format.
    executionTimezone String
    Timezone for the execution schedule.
    targetAccounts List<String>
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    description String
    Description for rule enforcement.
    isDryRun Boolean
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    isEnabled Boolean
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name String
    Name of the rule enforcement.
    ruleIds List<String>
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    ruleSetIds List<String>
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    targetRegions List<String>
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the RuleEnforcement resource produces the following output properties:

    EnforcementId string
    Id of the rule enforcement.
    Id string
    The provider-assigned unique ID for this managed resource.
    EnforcementId string
    Id of the rule enforcement.
    Id string
    The provider-assigned unique ID for this managed resource.
    enforcementId String
    Id of the rule enforcement.
    id String
    The provider-assigned unique ID for this managed resource.
    enforcementId string
    Id of the rule enforcement.
    id string
    The provider-assigned unique ID for this managed resource.
    enforcement_id str
    Id of the rule enforcement.
    id str
    The provider-assigned unique ID for this managed resource.
    enforcementId String
    Id of the rule enforcement.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing RuleEnforcement Resource

    Get an existing RuleEnforcement resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: RuleEnforcementState, opts?: CustomResourceOptions): RuleEnforcement
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            cloud_provider: Optional[str] = None,
            description: Optional[str] = None,
            enforcement_id: Optional[str] = None,
            execution_schedule: Optional[str] = None,
            execution_timezone: Optional[str] = None,
            is_dry_run: Optional[bool] = None,
            is_enabled: Optional[bool] = None,
            name: Optional[str] = None,
            rule_ids: Optional[Sequence[str]] = None,
            rule_set_ids: Optional[Sequence[str]] = None,
            target_accounts: Optional[Sequence[str]] = None,
            target_regions: Optional[Sequence[str]] = None) -> RuleEnforcement
    func GetRuleEnforcement(ctx *Context, name string, id IDInput, state *RuleEnforcementState, opts ...ResourceOption) (*RuleEnforcement, error)
    public static RuleEnforcement Get(string name, Input<string> id, RuleEnforcementState? state, CustomResourceOptions? opts = null)
    public static RuleEnforcement get(String name, Output<String> id, RuleEnforcementState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CloudProvider string
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    Description string
    Description for rule enforcement.
    EnforcementId string
    Id of the rule enforcement.
    ExecutionSchedule string
    Execution schedule in cron format.
    ExecutionTimezone string
    Timezone for the execution schedule.
    IsDryRun bool
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    IsEnabled bool
    Indicates if the rule enforcement is enabled. This by default is set to true.
    Name string
    Name of the rule enforcement.
    RuleIds List<string>
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    RuleSetIds List<string>
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    TargetAccounts List<string>
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    TargetRegions List<string>
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    CloudProvider string
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    Description string
    Description for rule enforcement.
    EnforcementId string
    Id of the rule enforcement.
    ExecutionSchedule string
    Execution schedule in cron format.
    ExecutionTimezone string
    Timezone for the execution schedule.
    IsDryRun bool
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    IsEnabled bool
    Indicates if the rule enforcement is enabled. This by default is set to true.
    Name string
    Name of the rule enforcement.
    RuleIds []string
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    RuleSetIds []string
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    TargetAccounts []string
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    TargetRegions []string
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloudProvider String
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    description String
    Description for rule enforcement.
    enforcementId String
    Id of the rule enforcement.
    executionSchedule String
    Execution schedule in cron format.
    executionTimezone String
    Timezone for the execution schedule.
    isDryRun Boolean
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    isEnabled Boolean
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name String
    Name of the rule enforcement.
    ruleIds List<String>
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    ruleSetIds List<String>
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    targetAccounts List<String>
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    targetRegions List<String>
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloudProvider string
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    description string
    Description for rule enforcement.
    enforcementId string
    Id of the rule enforcement.
    executionSchedule string
    Execution schedule in cron format.
    executionTimezone string
    Timezone for the execution schedule.
    isDryRun boolean
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    isEnabled boolean
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name string
    Name of the rule enforcement.
    ruleIds string[]
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    ruleSetIds string[]
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    targetAccounts string[]
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    targetRegions string[]
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloud_provider str
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    description str
    Description for rule enforcement.
    enforcement_id str
    Id of the rule enforcement.
    execution_schedule str
    Execution schedule in cron format.
    execution_timezone str
    Timezone for the execution schedule.
    is_dry_run bool
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    is_enabled bool
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name str
    Name of the rule enforcement.
    rule_ids Sequence[str]
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    rule_set_ids Sequence[str]
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    target_accounts Sequence[str]
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    target_regions Sequence[str]
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.
    cloudProvider String
    The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
    description String
    Description for rule enforcement.
    enforcementId String
    Id of the rule enforcement.
    executionSchedule String
    Execution schedule in cron format.
    executionTimezone String
    Timezone for the execution schedule.
    isDryRun Boolean
    Indicates if the rule enforcement is a dry run. This by default is set to false.
    isEnabled Boolean
    Indicates if the rule enforcement is enabled. This by default is set to true.
    name String
    Name of the rule enforcement.
    ruleIds List<String>
    List of rule IDs. Either ruleids or ruleset_ids should be provided.
    ruleSetIds List<String>
    List of rule set IDs. Either ruleids or ruleset_ids should be provided.
    targetAccounts List<String>
    List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.
    targetRegions List<String>
    List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.

    Import

    Import governance enforcement

    $ pulumi import harness:governance/ruleEnforcement:RuleEnforcement example <enforcement_id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    harness pulumi/pulumi-harness
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the harness Terraform Provider.
    harness logo
    Harness v0.4.4 published on Tuesday, Nov 12, 2024 by Pulumi