fixup! add policy sample

spacelift-io · Jun 13, 2024 · 9a11182 · 9a11182
1 parent 8cf5727
commit 9a11182
Showing 1 changed file with 14 additions and 7 deletions.
diff --git a/config/samples/_v1beta1_policy.yaml b/config/samples/_v1beta1_policy.yaml
@@ -1,12 +1,19 @@
 apiVersion: app.spacelift.io/v1beta1
 kind: Policy
 metadata:
-  labels:
-    app.kubernetes.io/name: policy
-    app.kubernetes.io/instance: policy-sample
-    app.kubernetes.io/part-of: spacelift-operator
-    app.kubernetes.io/managed-by: kustomize
-    app.kubernetes.io/created-by: spacelift-operator
   name: policy-sample
 spec:
-  # TODO(user): Add fields here
+  name: test policy
+  type: PLAN
+  spaceName: space-sample
+  attachedStacks:
+    - stack-sample
+  description: Prevent creation of IAM users test
+  body: |
+    package spacelift
+
+    deny[sprintf("must not create AWS IAM users", [resource.address])] {
+      some resource
+      created_resources[resource]
+      resource.type == "aws_iam_user"
+    }