From e8778f1c8cf047f41b87bbbe2296f13e6a2209b6 Mon Sep 17 00:00:00 2001
From: Viacheslav Lyzohub
Date: Mon, 1 Jul 2024 15:38:00 +0300
Subject: [PATCH] SCALRCORE-31241: Policy example for workspace.environment_type
---
management/workspace_environment_type.rego | 8 +++++++
.../workspace_environment_type_mock.json | 24 +++++++++++++++++++
.../workspace_environment_type_test.rego | 11 +++++++++
3 files changed, 43 insertions(+)
create mode 100644 management/workspace_environment_type.rego
create mode 100644 management/workspace_environment_type_mock.json
create mode 100644 management/workspace_environment_type_test.rego
diff --git a/management/workspace_environment_type.rego b/management/workspace_environment_type.rego
new file mode 100644
index 0000000..b4365b3
--- /dev/null
+++ b/management/workspace_environment_type.rego
@@ -0,0 +1,8 @@
+package terraform
+
+import input.tfrun as tfrun
+
+deny["Monthly cost for dev workspace exceeds $100"] {
+ tfrun.workspace.environment_type == "development"
+ tfrun.cost_estimate.proposed_monthly_cost > 100
+}
diff --git a/management/workspace_environment_type_mock.json b/management/workspace_environment_type_mock.json
new file mode 100644
index 0000000..fc8bf5b
--- /dev/null
+++ b/management/workspace_environment_type_mock.json
@@ -0,0 +1,24 @@
+{
+ "mock": {
+ "valid_input": {
+ "tfrun": {
+ "workspace": {
+ "environment_type": "development"
+ },
+ "cost_estimate": {
+ "proposed_monthly_cost": 50
+ }
+ }
+ },
+ "invalid_input": {
+ "tfrun": {
+ "workspace": {
+ "environment_type": "development"
+ },
+ "cost_estimate": {
+ "proposed_monthly_cost": 150
+ }
+ }
+ }
+ }
+}
diff --git a/management/workspace_environment_type_test.rego b/management/workspace_environment_type_test.rego
new file mode 100644
index 0000000..168d804
--- /dev/null
+++ b/management/workspace_environment_type_test.rego
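Review bot: In management/workspace_environment_type.rego the deny rule fails open when the cost estimate is absent: if `tfrun.cost_estimate.proposed_monthly_cost` is undefined the rule body is undefined and no violation is emitted, and because Rego orders values by type a `null` compares below 100 while a string compares above it. Whether the platform always supplies a numeric estimate is not visible from this patch, so a companion rule would make the guard explicit, e.g. `deny["Cost estimate unavailable for dev workspace"] { tfrun.workspace.environment_type == "development"; not is_number(tfrun.cost_estimate.proposed_monthly_cost) }`. The match on `"development"` is also exact and case-sensitive, so a workspace whose environment_type is unset or spelled differently is never checked; a short comment listing the values the platform can send would help readers of this example.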
@@ -0,0 +1,11 @@
+package terraform
+
+test_dev_workspace_cost_allowed {
+ result = deny with input as data.mock.valid_input
+ count(result) == 0
+}
+
+test_dev_workspace_cost_denied {
+ result = deny with input as data.mock.invalid_input
+ count(result) > 0
+}
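Review bot: The two tests in workspace_environment_type_test.rego only exercise a development workspace at 50 and 150, so neither the `> 100` boundary nor the environment_type condition is pinned; deleting the `tfrun.workspace.environment_type == "development"` line from the policy would leave both tests passing. Adding mocks for a non-development workspace at 150 (expect no denial) and for a cost of exactly 100 would close that gap. `count(result) > 0` also passes on any message from any `deny` rule defined in `package terraform`, so asserting the specific entry, `result["Monthly cost for dev workspace exceeds $100"]`, is tighter, and `:=` reads more clearly than `=` for the local assignment.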