SCALRCORE-31241: Policy example for workspace.environment_type

Scalr · Jul 1, 2024 · e8778f1 · e8778f1
1 parent a3e212a
commit e8778f1
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 0 deletions.
diff --git a/management/workspace_environment_type.rego b/management/workspace_environment_type.rego
@@ -0,0 +1,8 @@
+package terraform
+
+import input.tfrun as tfrun
+
+deny["Monthly cost for dev workspace exceeds $100"] {
+    tfrun.workspace.environment_type == "development"
+    tfrun.cost_estimate.proposed_monthly_cost > 100
+}
diff --git a/management/workspace_environment_type_mock.json b/management/workspace_environment_type_mock.json
@@ -0,0 +1,24 @@
+{
+    "mock": {
+        "valid_input": {
+            "tfrun": {
+                "workspace": {
+                    "environment_type": "development"
+                },
+                "cost_estimate": {
+                    "proposed_monthly_cost": 50
+                }
+            }
+        },
+        "invalid_input": {
+            "tfrun": {
+                "workspace": {
+                    "environment_type": "development"
+                },
+                "cost_estimate": {
+                    "proposed_monthly_cost": 150
+                }
+            }
+        }
+    }
+}
diff --git a/management/workspace_environment_type_test.rego b/management/workspace_environment_type_test.rego
@@ -0,0 +1,11 @@
+package terraform
+
+test_dev_workspace_cost_allowed {
+    result = deny with input as data.mock.valid_input
+    count(result) == 0
+}
+
+test_dev_workspace_cost_denied {
+    result = deny with input as data.mock.invalid_input
+    count(result) > 0
+}