OPA
This plugin allows you to check your Terraform code against security policies that you define.
OPA (Open Policy Agent) is a policy-based control for cloud native environments.

Configuration options
Policy: the content of the rego file that contains your policy.
Version: always points to the latest version.
Decision.
Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
Require approval: if enabled, this task will not be executed until it is approved by the people added to the approvers' list.
The task remains blocked until all approvers added in the list approve it.
Sample output
Examples
Naming convention
Decision: brainboard/deny
Mandatory tags
Decision: brainboard/deny
Unrestricted ingress for AWS Security Group
Decision: brainboard/deny
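
A policy of the kind this last example names, added here as an illustration and not Brainboard's own policy. The package `brainboard` and the rule `deny` follow from the decision path `brainboard/deny`; the input shape (a Terraform plan in JSON form, as produced by `terraform show -json`) and the helper names `open_cidrs`, `rule_cidrs` and `is_created_or_updated` are assumptions.

```rego
package brainboard

import rego.v1

# Assumption: input is the Terraform plan JSON, so every planned resource
# appears under input.resource_changes with its final values in change.after.

# CIDR ranges that mean "reachable from anywhere".
open_cidrs := {"0.0.0.0/0", "::/0"}

# Ingress blocks declared inline on an aws_security_group.
deny contains msg if {
	some rc in input.resource_changes
	rc.type == "aws_security_group"
	is_created_or_updated(rc)
	some rule in rc.change.after.ingress
	some cidr in rule_cidrs(rule)
	cidr in open_cidrs
	msg := sprintf("%s: ingress open to %s (ports %v-%v)", [rc.address, cidr, rule.from_port, rule.to_port])
}

# Ingress declared as a standalone aws_security_group_rule resource.
deny contains msg if {
	some rc in input.resource_changes
	rc.type == "aws_security_group_rule"
	is_created_or_updated(rc)
	rc.change.after.type == "ingress"
	some cidr in rule_cidrs(rc.change.after)
	cidr in open_cidrs
	msg := sprintf("%s: ingress open to %s (ports %v-%v)", [rc.address, cidr, rc.change.after.from_port, rc.change.after.to_port])
}

# Only evaluate resources the plan will create or modify; deletions have no
# "after" state and must not trigger a denial.
is_created_or_updated(rc) if {
	some action in rc.change.actions
	action in {"create", "update"}
}

# Collect IPv4 and IPv6 ranges of a rule. A null or missing attribute
# contributes nothing instead of making the whole rule undefined.
rule_cidrs(rule) := {c |
	some key in ["cidr_blocks", "ipv6_cidr_blocks"]
	some c in object.get(rule, key, [])
}
```

With the task's Decision set to `brainboard/deny`, a non-empty `deny` set lists one message per open ingress range found in the plan.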