Policy types for @turbot/azure
- Azure > Client ID
- Azure > Client Secret
- Azure > Environment
- Azure > Management Group > CMDB
- Azure > Resource Group > CMDB
- Azure > Resource Group > Configured
- Azure > Resource Group > Configured > Claim Precedence
- Azure > Resource Group > Configured > Source
- Azure > Resource Group > Stack
- Azure > Resource Group > Stack > Secret Variables
- Azure > Resource Group > Stack > Source
- Azure > Resource Group > Stack > Terraform Version
- Azure > Resource Group > Stack > Variables
- Azure > Resource Group > Tags
- Azure > Resource Group > Tags > Template
- Azure > Subscription > Approved Regions [Default]
- Azure > Subscription > CMDB
- Azure > Subscription > Regions [Default]
- Azure > Subscription > Stack
- Azure > Subscription > Stack > Secret Variables
- Azure > Subscription > Stack > Source
- Azure > Subscription > Stack > Terraform Version
- Azure > Subscription > Stack > Variables
- Azure > Subscription > Tags Template [Default]
- Azure > Tags Template [Default]
- Azure > Tenant > CMDB
- Azure > Tenant ID
- Azure > Turbot
- Azure > Turbot > Event Handlers
- Azure > Turbot > Event Handlers > Monitor
- Azure > Turbot > Event Handlers > Monitor > Action Group
- Azure > Turbot > Event Handlers > Monitor > Action Group > Name Prefix
- Azure > Turbot > Event Handlers > Monitor > Action Group > Tags
- Azure > Turbot > Event Handlers > Monitor > Action Group > Tags > Ignore Changes
- Azure > Turbot > Event Handlers > Monitor > Activity Log Alert
- Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Name Prefix
- Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Tags
- Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Tags > Ignore Changes
- Azure > Turbot > Event Handlers > Monitor > Resource Group Name
- Azure > Turbot > Event Handlers > Source
- Azure > Turbot > Event Handlers > Terraform Version
- Azure > Turbot > Event Poller
- Azure > Turbot > Event Poller > Interval
- Azure > Turbot > Event Poller > Window
- Azure > Turbot > Management Group Event Poller
- Azure > Turbot > Management Group Event Poller > Interval
- Azure > Turbot > Resource Group
- Azure > Turbot > Resource Group > Name Prefix
- Azure > Turbot > Resource Group > Regions
- Azure > Turbot > Resource Group > Source
- Azure > Turbot > Resource Group > Tags
- Azure > Turbot > Resource Group > Tags > Ignore Changes
- Azure > Turbot > Resource Group > Terraform Version
Azure > Client ID
Azure client ID that has been delegated access to the tenant.
{ "type": "string", "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$", "tests": [ { "input": "b679c4b2-edf6-4c42-ba05-69c92dc09e38" }, { "description": "invalid - azure client id", "input": "A61498f8-9caa-42de-9f6e-532bd0fe9f9b", "expected": false } ]}Azure > Client Secret
Azure client secret key for the client ID that has been delegated access to the tenant.
{ "type": "string"}Azure > Environment
Defines the Azure Cloud Environment that subscription is going to use.
[ "Global Cloud", "US Government", "China Cloud"]{ "type": "string", "minLength": 1, "enum": [ "Global Cloud", "US Government", "China Cloud" ], "tests": [ { "input": "US Government" }, { "input": "", "expected": false } ]}Azure > Management Group > CMDB
Configure whether to record and synchronize details for Azure\nAzure management group(s) into the CMDB.\n\nThe CMDB control is\nresponsible for populating and updating all the attributes for that\nresource type in the Guardrails CMDB.\n\nNote that if CMDB is set to Skip for a resource, then it will not be added\nto the CMDB, and no controls that target it will run.\n
[ "Skip", "Enforce: Enabled", "Enforce: Disabled"]{ "type": "string", "enum": [ "Skip", "Enforce: Enabled", "Enforce: Disabled" ], "example": [ "Skip" ], "default": "Enforce: Enabled"}Azure > Resource Group > CMDB
Configure whether to record and synchronize details for the Azure resource group into the CMDB.\n\nThe CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.\nAll policies and controls in Guardrails are based around the resource, so usually the CMDB policy is set to "Enforce: Enabled".\n\nIf set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.\n\nTo cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".\n
[ "Skip", "Enforce: Enabled", "Enforce: Disabled"]{ "type": "string", "enum": [ "Skip", "Enforce: Enabled", "Enforce: Disabled" ], "example": [ "Skip" ], "default": "Enforce: Enabled"}Azure > Resource Group > Configured
Determine how to configure this resource.\n\nNote: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored\nand inherit from the stack that owns it.\n\nThe policy values for Azure > Azure > Resource Group are deprecated and\nreplaced by new values. The deprecated values will be removed in the next major version.\n\n| Deprecated Values | Current Values |\n|--------------------------------------------------|----------------------------------------------------------------|\n| Skip if using Configured > Source | Skip \\(unless claimed by a stack\\) |\n| Check: Configured if using Configured > Source | Check: Per Configured > Source \\(unless claimed by a stack\\) |\n| Enforce: Configured if using Configured > Source | Enforce: Per Configured > Source \\(unless claimed by a stack\\) |\n
[ "Skip if using Configured > Source", "Check: Configured if using Configured > Source", "Enforce: Configured if using Configured > Source", "Skip (unless claimed by a stack)", "Check: Per Configured > Source (unless claimed by a stack)", "Enforce: Per Configured > Source (unless claimed by a stack)"]{ "enum": [ "Skip if using Configured > Source", "Check: Configured if using Configured > Source", "Enforce: Configured if using Configured > Source", "Skip (unless claimed by a stack)", "Check: Per Configured > Source (unless claimed by a stack)", "Enforce: Per Configured > Source (unless claimed by a stack)" ], "default": "Skip (unless claimed by a stack)"}Azure > Resource Group > Configured > Claim Precedence
An ordered list of who is allowed to claim a resource.\nA stack cannot claim a resource if it is already claimed by another\nstack at a higher level of precedence.\n
"{\n defaultPrecedence: policy(uri:\"tmod:@turbot/turbot#/policy/types/claimPrecedenceDefault\")\n}\n""{%- if $.defaultPrecedence | length == 0 %}[]{%- else %}{% for item in $.defaultPrecedence %}- '{{ item }}'{% endfor %}{% endif %}"{ "type": "array", "items": { "type": "string" }}Azure > Resource Group > Configured > Source
A HCL or JSON format Terraform configuration source used to configure this resource.
{ "type": "string", "default": "", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Resource Group > Stack
Configure a custom stack on Azure, per the custom Stack > Source.\n\nA Guardrails Stack is a set of resources configured by Guardrails, as specified\nvia Terraform source. Stacks are responsible for the creation and deletion\nof multiple resources. Once created, stack resources are responsible for\nconfiguring themselves from the stack source via their Configured control.\n
[ "Skip", "Check: Configured", "Enforce: Configured"]{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "default": "Skip"}Azure > Resource Group > Stack > Secret Variables
Terraform secret variables in Terraform HCL that will be used as\ninputs to the stack as a .tfvars file.\n\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
{ "type": "string", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Resource Group > Stack > Source
The Terraform HCL source used to configure this stack.\n\nA Guardrails Stack is a set of resources configured by Guardrails, as specified\nvia Terraform source. Stacks are responsible for the creation and deletion\nof multiple resources. Once created, stack resources are responsible for\nconfiguring themselves from the stack source via their Configured control.\n
{ "type": "string", "default": "", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Resource Group > Stack > Terraform Version
The Version of Terraform to use for this stack.\nSpecify an npm-style semver string to\ndetermine which version of the Terraform container\nGuardrails will use to run this stack.\n\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
"{\n terraformVersion: policy(uri:\"tmod:@turbot/turbot#/policy/types/stackTerraformVersion\")\n}\n""{% if $.terraformVersion %}"{{$.terraformVersion}}"{% else %}""{% endif %}"{ "type": "string"}Azure > Resource Group > Stack > Variables
Terraform variables in Terraform HCL that will be used as\ninputs to the stack as a .tfvars file.\n\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
{ "type": "string", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Resource Group > Tags
Determine the action to take when an Azure Azure resource group tags are not updated based on the Azure > Azure > Resource Group > Tags > * policies.\n\nThe control ensure Azure Azure resource group tags include tags defined in Azure > Azure > Resource Group > Tags > Template.\n\nTags not defined in Resource Group Tags Template will not be modified or deleted. Setting a tag value to undefined will result in the tag being deleted.\n\nSee Tags for more information.\n
[ "Skip", "Check: Tags are correct", "Enforce: Set tags"]{ "type": "string", "enum": [ "Skip", "Check: Tags are correct", "Enforce: Set tags" ], "example": [ "Check: Tags are correct" ], "default": "Skip"}Azure > Resource Group > Tags > Template
The template is used to generate the keys and values for Azure Azure resource group.\n\nTags not defined in Resource Group Tags Template will not be modified or deleted. Setting a tag value to undefined will result in the tag being deleted.\n\nSee Tags for more information.\n
[ "{\n subscription {\n turbot {\n id\n }\n }\n}\n", "{\n defaultTags: policyValue(uri:\"tmod:@turbot/azure#/policy/types/azureTagsTemplate\" resourceId: \"{{ $.subscription.turbot.id }}\") {\n value\n }\n}\n"]"{%- if $.defaultTags.value | length == 0 %} [] {%- elif $.defaultTags.value != undefined %}{{ $.defaultTags.value | dump | safe }}{%- else %}{% for item in $.defaultTags.value %}- {{ item }}{% endfor %}{% endif %}"Azure > Subscription > Approved Regions [Default]
A list of Azure regions in which resources are approved for use.\n\nThe expected format is an array of regions names. You may use the '*' and\n'?' wildcard characters.\n\nThis policy is the default value for all service Approved Regions\npolicies.\n
{ "allOf": [ { "$ref": "#/definitions/regionNameMatcherList" }, { "default": [ "*" ] } ]}Azure > Subscription > CMDB
Configure whether to record and synchronize details for Azure\nAzure subscription(s) into the CMDB.\n\nThe CMDB control is\nresponsible for populating and updating all the attributes for that\nresource type in the Guardrails CMDB.\n\nNote that if CMDB is set to Skip for a resource, then it will not be added\nto the CMDB, and no controls that target it will run.\n
[ "Skip", "Enforce: Enabled", "Enforce: Disabled"]{ "type": "string", "enum": [ "Skip", "Enforce: Enabled", "Enforce: Disabled" ], "example": [ "Skip" ], "default": "Enforce: Enabled"}Azure > Subscription > Regions [Default]
A list of regions supported by Azure.
{ "allOf": [ { "$ref": "azure#/definitions/regionNameMatcherList" }, { "default": [ "*" ] } ]}Azure > Subscription > Stack
Configure a custom stack on Azure, per the custom Stack > Source.\n\nA Guardrails Stack is a set of resources configured by Guardrails, as specified\nvia Terraform source. Stacks are responsible for the creation and deletion\nof multiple resources. Once created, stack resources are responsible for\nconfiguring themselves from the stack source via their Configured control.\n
[ "Skip", "Check: Configured", "Enforce: Configured"]{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "default": "Skip"}Azure > Subscription > Stack > Secret Variables
Terraform secret variables in Terraform HCL that will be used as\ninputs to the stack as a .tfvars file.\n\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
{ "type": "string", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Subscription > Stack > Source
The Terraform HCL source used to configure this stack.\n\nA Guardrails Stack is a set of resources configured by Guardrails, as specified\nvia Terraform source. Stacks are responsible for the creation and deletion\nof multiple resources. Once created, stack resources are responsible for\nconfiguring themselves from the stack source via their Configured control.\n
{ "type": "string", "default": "", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Subscription > Stack > Terraform Version
The Version of Terraform to use for this stack.\nSpecify an npm-style semver string to\ndetermine which version of the Terraform container\nGuardrails will use to run this stack.\n\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
"{\n terraformVersion: policy(uri:\"tmod:@turbot/turbot#/policy/types/stackTerraformVersion\")\n}\n""{% if $.terraformVersion %}"{{$.terraformVersion}}"{% else %}""{% endif %}"{ "type": "string"}Azure > Subscription > Stack > Variables
Terraform variables in Terraform HCL that will be used as\ninputs to the stack as a .tfvars file.\n\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
{ "type": "string", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Subscription > Tags Template [Default]
A template used to generate the keys and values for Azure\nresources. By default, all Azure service Tags Template [Default]\npolicies will use this value.\n
"{\n defaultTags: resource {\n tags(resolution: RECOMMENDED)\n }\n}\n""{%- if $.defaultTags.tags | length == 0 %} [] {%- elif $.defaultTags.tags != undefined %}{{ $.defaultTags.tags | dump | safe }}{% endif %}"Azure > Tags Template [Default]
A template used to generate the keys and values for Azure Azure resources.\n\nBy default, all Azure resource Tags > Template policies will use this value.\n
"{\n defaultTags: policyValue(uri:\"tmod:@turbot/azure#/policy/types/defaultTagsTemplate\") {\n value\n }\n}\n""{%- if $.defaultTags.value | length == 0 %} [] {%- elif $.defaultTags.value != undefined %}{{ $.defaultTags.value | dump | safe }}{%- else %}{% for item in $.defaultTags.value %}- {{ item }}{% endfor %}{% endif %}"Azure > Tenant > CMDB
Configure whether to record and synchronize details for Azure\nAzure tenant into the CMDB.\n\nThe CMDB control is\nresponsible for populating and updating all the attributes for that\nresource type in the Guardrails CMDB.\n\nNote that if CMDB is set to Skip for a resource, then it will not be added\nto the CMDB, and no controls that target it will run.\n
[ "Skip", "Enforce: Enabled"]{ "type": "string", "enum": [ "Skip", "Enforce: Enabled" ], "example": [ "Skip" ], "default": "Enforce: Enabled"}Azure > Tenant ID
Azure tenant ID used by Guardrails for access to the Azure APIs.
{ "type": "string", "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$", "tests": [ { "input": "661498f8-9caa-42de-9f6e-532bd0fe9f9b" }, { "description": "invalid - azure tenant", "input": "A61498f8-9caa-42de-9f6e-532bd0fe9f9b", "expected": false } ]}Azure > Turbot
Azure > Turbot > Event Handlers
Configure the Guardrails Event Handler stack. This stack configures\nthe Event Handlers for Guardrails real-time event routing.\n
[ "Skip", "Check: Configured", "Check: Not configured", "Enforce: Configured", "Enforce: Not configured"]{ "type": "string", "enum": [ "Skip", "Check: Configured", "Check: Not configured", "Enforce: Configured", "Enforce: Not configured" ], "default": "Skip"}Azure > Turbot > Event Handlers > Monitor
Azure > Turbot > Event Handlers > Monitor > Action Group
Azure > Turbot > Event Handlers > Monitor > Action Group > Name Prefix
A string to be Used as a prefix to the turbot generated name on the\nGuardrails Event Handler Monitor Action Group. The name will be\npre-pended with this value.\n
{ "type": "string", "default": "turbot_", "example": "turbot_"}Azure > Turbot > Event Handlers > Monitor > Action Group > Tags
A list of key:value pairs to add as Azure Tags on the Guardrails\nEvent Handler Monitor Alerts.\n
null"{}"Azure > Turbot > Event Handlers > Monitor > Action Group > Tags > Ignore Changes
Configure whether to ignore changes to tags on the Action Group. If set to Enabled, the stack will ignore all changes made to the Action Group tags including the changes on Azure > Turbot > Event Handlers > Monitor > Action Group > Tags policy.\n
[ "Enabled", "Disabled"]{ "type": "string", "enum": [ "Enabled", "Disabled" ], "default": "Disabled"}Azure > Turbot > Event Handlers > Monitor > Activity Log Alert
Configure the Guardrails Event Handler stack. This stack configures\nthe activity log alert for Guardrails real-time event routing.\n
Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Name Prefix
A string to be Used as a prefix to the turbot generated name on the\nGuardrails Event Handler Monitor Alert. The name will be pre-pended\nwith this value.\n
{ "type": "string", "default": "turbot_", "example": "turbot_"}Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Tags
A list of key:value pairs to add as Azure Tags on the Guardrails\nEvent Handler Monitor Alerts.\n
null"{}"Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Tags > Ignore Changes
Configure whether to ignore changes to tags on the Activity Log Alert. If set to Enabled, the stack will ignore all changes made to the Activity Log Alert tags including the changes on Azure > Turbot > Event Handlers > Monitor > Activity Log Alert > Tags policy.\n
[ "Enabled", "Disabled"]{ "type": "string", "enum": [ "Enabled", "Disabled" ], "default": "Disabled"}Azure > Turbot > Event Handlers > Monitor > Resource Group Name
"{\n turbotResourceGroupNamePrefix: policy(uri: \"#/policy/types/turbotResourceGroupNamePrefix\")\n}\n""'{{$.turbotResourceGroupNamePrefix}}rg'"{ "type": "string"}Azure > Turbot > Event Handlers > Source
The Terraform source used to configure the Event Handler Monitor stack.\nThis policy is read-only, as the Event Handler source is generated by Guardrails\n
{ "type": "string", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Turbot > Event Handlers > Terraform Version
The Version of Terraform to use for this stack.\nSpecify an npm-style semver string to\ndetermine which version of the Terraform container\nGuardrails will use to run this stack.\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
{ "type": "string", "default": "0.11.*"}Azure > Turbot > Event Poller
Configure the Azure Event Poller. When set to Enabled, the poller will\nrun at the interval specified to retrieve the latest events and forward\nthem to the Guardrails Router.\n\nNote: The Event Poller and Guardrails Event Handler are different mechanisms for\nsending information to Guardrails. You should enable one or the other, but not both.\n
"{\n value: policy(uri: \"tmod:@turbot/azure#/policy/types/eventHandlers\")\n}\n""{% if $.value == 'Enforce: Configured' %}Disabled{% else %}Enabled{% endif%}\n"{ "type": "string", "enum": [ "Enabled", "Disabled" ]}Azure > Turbot > Event Poller > Interval
The polling interval. This policy determines how often\nthe event poller will run.\n
[ "Every 1 minute", "Every 2 minutes", "Every 3 minutes", "Every 4 minutes", "Every 5 minutes", "Every 6 minutes", "Every 7 minutes", "Every 8 minutes", "Every 9 minutes", "Every 10 minutes"]{ "type": "string", "enum": [ "Every 1 minute", "Every 2 minutes", "Every 3 minutes", "Every 4 minutes", "Every 5 minutes", "Every 6 minutes", "Every 7 minutes", "Every 8 minutes", "Every 9 minutes", "Every 10 minutes" ], "default": "Every 1 minute"}Azure > Turbot > Event Poller > Window
The polling window, in minutes. This policies determines the oldest\nevents the event poller will retrieve. For example, setting the window\nto '5 minutes' will cause the poller to retrieve all events from\nthe previous 5 minutes every time it runs.\n\nThe Window must be greater than the Interval, and it is recommended\nto be at least twice the Interval. For example, if the Interval\nis 'Every 5 Minutes', the Window should be at least '10 Minutes'.\n
[ "5 minutes", "6 minutes", "7 minutes", "8 minutes", "9 minutes", "10 minutes", "11 minutes", "12 minutes", "13 minutes", "14 minutes", "15 minutes", "16 minutes", "17 minutes", "18 minutes", "19 minutes", "20 minutes"]{ "type": "string", "enum": [ "5 minutes", "6 minutes", "7 minutes", "8 minutes", "9 minutes", "10 minutes", "11 minutes", "12 minutes", "13 minutes", "14 minutes", "15 minutes", "16 minutes", "17 minutes", "18 minutes", "19 minutes", "20 minutes" ], "default": "10 minutes"}Azure > Turbot > Management Group Event Poller
Configure the Azure Management Group Event Poller. When set to Enabled,\nthe poller will run at the interval specified to run the mangement group\ndiscovery control to look for changes in the management group hierarcy.\n
[ "Enabled", "Disabled"]{ "type": "string", "enum": [ "Enabled", "Disabled" ], "default": "Enabled"}Azure > Turbot > Management Group Event Poller > Interval
The discovery interval. This policy determines how often the management group discovery will run.\n
[ "Every hour", "Every 2 hours", "Every 3 hours", "Every 6 hours", "Every 12 hours", "Every day", "Every 2 days", "Every 3 days", "Every week"]{ "type": "string", "enum": [ "Every hour", "Every 2 hours", "Every 3 hours", "Every 6 hours", "Every 12 hours", "Every day", "Every 2 days", "Every 3 days", "Every week" ], "default": "Every 12 hours"}Azure > Turbot > Resource Group
[ "Skip", "Check: Configured", "Check: Not configured", "Enforce: Configured", "Enforce: Not configured"]{ "type": "string", "enum": [ "Skip", "Check: Configured", "Check: Not configured", "Enforce: Configured", "Enforce: Not configured" ], "default": "Skip"}Azure > Turbot > Resource Group > Name Prefix
A string to be Used as a prefix to the turbot generated name on the\nGuardrails Resource Group. The name will be\npre-pended with this value.\n
{ "type": "string", "default": "turbot_", "example": "turbot_"}Azure > Turbot > Resource Group > Regions
Regions where Azure supports Resource Group. Guardrails updates this option as Azure expands their regional support. Unless there is an explicit requirement (e.g. accelerated regional support), it should not be set by Guardrails Administrators.
"{\n environmentValue: policy(uri: \"azure#/policy/types/environment\")\n}\n""{% if $.environmentValue == 'US Government' %}USGov Arizona {%- elif $.environmentValue == 'China Cloud' %}China East 2{% else %}WEST US{% endif %}"{ "type": "string", "enum": [ "AUSTRALIA CENTRAL", "AUSTRALIA CENTRAL 2", "AUSTRALIA EAST", "AUSTRALIA SOUTHEAST", "BRAZIL SOUTH", "CANADA CENTRAL", "CANADA EAST", "CENTRAL INDIA", "CENTRAL US", "EAST ASIA", "EAST US", "EAST US 2", "FRANCE CENTRAL", "FRANCE SOUTH", "JAPAN EAST", "JAPAN WEST", "KOREA CENTRAL", "KOREA SOUTH", "NORTHCENTRAL US", "NORTH EUROPE", "SOUTHCENTRAL US", "SOUTH INDIA", "SOUTHEAST ASIA", "UK SOUTH", "UK WEST", "WESTCENTRAL US", "WEST EUROPE", "WEST INDIA", "WEST US", "WEST US 2", "USGov Iowa", "USGov Virginia", "USGov Texas", "USGov Arizona", "China East", "China East 2", "China East 3", "China North", "China North 2", "China North 3" ]}Azure > Turbot > Resource Group > Source
The Terraform source used to configure this resource. This policy is\nread-only, as the Event Handler source is generated by Guardrails\n
{ "type": "string", "x-schema-form": { "type": "code", "language": "hcl" }}Azure > Turbot > Resource Group > Tags
A list of key:value pairs to add as Azure Tags on the Guardrails\nResource Group.\n
null"{}"Azure > Turbot > Resource Group > Tags > Ignore Changes
Configure whether to ignore changes to tags on the Guardrails resource group. If set to Enabled, the stack will ignore all changes made to the Guardrails resource group tags including the changes on Azure > Turbot > Resource Group > Tags policy.\n
[ "Enabled", "Disabled"]{ "type": "string", "enum": [ "Enabled", "Disabled" ], "default": "Disabled"}Azure > Turbot > Resource Group > Terraform Version
The Version of Terraform to use for this stack.\nSpecify an npm-style semver string to\ndetermine which version of the Terraform container\nGuardrails will use to run this stack.\nA Guardrails Stack is a set of resources configured by Guardrails,\nas specified via Terraform source. Stacks are responsible\nfor the creation and deletion of multiple resources. Once created,\nstack resources are responsible for configuring themselves from\nthe stack source via their Configured control.\n
{ "type": "string", "default": "0.11.*"}