@pulumi/policy
Advanced tools
Define and manage policy for cloud resources deployed through Pulumi.
Policy rules run during pulumi preview and pulumi up, asserting that cloud resource definitions
comply with the policy immediately before they are created or updated. Policies may optionally define
remediations that automatically fix policy violations rather than issue warnings.
During preview, every rule is run on every resource, and policy violations are batched up
into a final report. During the update, the first policy violation will halt the deployment.
Policy violations can have enforcement levels that are advisory, which results in a printed
warning, or mandatory, which results in an error after pulumi preview or pulumi up completes.
The enforcement level remediate is stronger than both and enables automatic remediations.
Please see Get Started with Policy as Code to get started authoring and enforcing policies.
For additional documentation, guides, best practices, and FAQs, see Policy as Code.
Looking for examples? Please refer to the examples repo.
Policies can be written in TypeScript/JavaScript (Node.js) or Python and can be applied to Pulumi stacks written in any language.
| Language | Status | |
|---|---|---|
 | TypeScript | Stable |
 | JavaScript | Stable |
 | Python | Preview |
 | .NET | Coming Soon |
 | Go | Coming Soon |
FAQs
A framework for writing policy as code
The npm package @pulumi/policy receives a total of 34,974 weekly downloads. As such, @pulumi/policy popularity was classified as popular.
We found that @pulumi/policy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
TypeScript is porting its compiler to Go, delivering 10x faster builds, lower memory usage, and improved editor performance for a smoother developer experience.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
