OLD - Building Custom Policies
See Understanding Custom Policies for a conceptual explanation of Custom Policies in Bridgecrew Cloud.
Creating a Custom Policy
To build a Custom Policy:
- Under Policies, press New Policy.
Policy Details, Name and Category
- Under Policy Details, enter the Policy Name and Guidelines and select a Category.
The name and guidelines appear in Incidents based on this policy.
- Assign a Severity Level.
Associate with Benchmark (Optional)
- You also have the option of associating your custom Policy with one or more benchmark reports (see Compliance Reports). Choose the Benchmark and the section in which this Policy will appear within the report.
- Under Resource Definition, select a Provider and Resource Type(s).
Define Policy Rule
- Under Definition, enter one or more row of Policy rules. Bridgecrew uses Terraform arguments to express configuration states. See further details and examples here.
You can also create multi-rule Policies. See details below.
- When you complete the rule, a preview appears.
In the example shown below, the resource does not comply with the custom policy because its instance type is not micro.t3.
- Press Save.
Your new Policy will be included in Bridgecrew Cloud's next scan.
You can create Policies with multiple rules using the AND condition.
In the example shown below, the Policy would be use to ensure that a Resource can not be access via Internet or SSH.
Editing a Custom Policy
Custom Policies can be viewed on the Policy Dashboard.
To edit a Custom Policy, hover over the date at the end of the Policy row and press Edit.
Updated about 2 years ago