Experimenting around an actually simple and concise policy language for use with Terraform/OpenTofu
Go to file
drudge b5a2925a24 fiddling with grammars but haven't actually tested whether any portion of them are right 2023-11-26 20:51:20 -08:00
README.md initial commit 2023-11-25 20:28:18 -08:00
ebs-volume-required-tags.voldo start simple policy logic 2023-11-26 20:15:23 -08:00
example-plan.json initial commit 2023-11-25 20:28:18 -08:00
main.raku start simple policy logic 2023-11-26 20:15:23 -08:00
scratchpad.raku fiddling with grammars but haven't actually tested whether any portion of them are right 2023-11-26 20:51:20 -08:00

README.md

The goal of this product is to evaluate the contents of a Terraform (or OpenTofu) run and permit/deny it taking place.

It will use the JSON plan representation as outlined here: https://developer.hashicorp.com/terraform/internals/json-format#plan-representation

Chiefly the resource_changes collection.

The simple goal of at this stage is to allow someone to write very simple rules for Terraform compliance.

For instance, "aws_instance must be of type t3.micro" Initially, examples will be simple and static.