This repository has been archived by the owner on Sep 3, 2024. It is now read-only.
[ENHANCEMENT] Ignoring globally a policy but make it mandatory to a specific resource #297
Labels
enhancement
New feature or request
Comments
|
Hi Rasmey, My apologies for the delay in getting back to you. We're looking into implementing a "NOT" option for waivers, so that you would be able to waive that rule EXCEPT under specific conditions (e.g.a given resource ID or tag) - I believe that should help with this use case. We will keep you updated on when this work gets scheduled and implemented. -Chris |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello,
We are facing an issue on a specific use-case. We want to ignore globally some policies, but make them mandatory on specific resources according to the use-case.
In regula, we can waive and disable only.
An example, we want to waive the rule FG_R00018: CloudFront distributions should have geo-restrictions specified because we provide some webapps in a specific region. But we anticipate a use case when we would have a webapp that must be available everywhere.
Except copy/paste some rego code which is very bad, we don't know how to do that properly.
What do you think ?
Thank you by advance
Rasmey
The text was updated successfully, but these errors were encountered: