Policies
Properties
| Property | Description | Values | Example |
|---|---|---|---|
policyarray | list of policies Array of policy definitions that enforce compliance and security rules across your infrastructure | Optional | - |
policy
| Property | Description | Values | Example |
|---|---|---|---|
typestring | policy type Type of policy that determines where and how it is enforced | Optional"kubernetes_cluster", "terraform_module", "helm_chart", "kubernetes_manifest", "container_image", "sandbox" | "kubernetes_cluster", "terraform_module" |
enginestring | policy engine The policy engine used to evaluate the policy. Must be compatible with the policy type. | Optional"kyverno", "opa" | "kyverno", "opa" |
namestring | policy name Human-readable name for the policy. If not specified, will be derived from the source filename when parsing from a policies/ directory. | Optional | "disallow-ingress-nginx-custom-snippets", "set-karpenter-non-cpu-limits" |
contentsstring | policy document Policy content in the appropriate format for the policy type. Supports Nuon templating and external file sources: HTTP(S) URLs (https://example.com/policy.json), git repositories (g… | Optional | "./disallow-ingress-nginx-custom-snippets.yaml", "./block-mutable-tags.rego" |
componentsarray | target components List of component names this policy applies to. Use [”*”] to apply to all components of the specified type. If empty, doesn’t apply to any component. Ignored when type is ‘sandbox’. | Optional | "*", "rds_cluster" |