Use Custom Policies
Custom Policies in StackGen allow organizations to define their own compliance rules tailored to specific infrastructure requirements. These policies are created and managed via the StackGen CLI and are expressed in JSON format.
Enforce Governance with Custom Policies
With Custom Policies, you can enforce governance standards that go beyond StackGen's built-in policies. These custom rules help ensure that your cloud infrastructure meets the unique requirements of your organization.
Custom Policy Types
There are 5 types of Custom Policies in StackGen, as described below:
| Policy Type | Description and Examples |
|---|---|
| Custom IAM Roles | Define tailored IAM roles for your resources, such as setting up read-only and audit roles for data storage resources. |
| Resources Mapping | Assign resources in your appStack based on predefined mappings, like automatically linking database references to a preferred service. |
| Resource Restrict | Control which resources different teams can use, such as limiting one team to storage and compute resources while allowing another team to access analytics tools. |
| Security and Compliance Settings | Enforce encryption and monitoring for sensitive resources and ensure compliance with organization-wide security policies. |
| Role Based Control | Configure policies for specific teams or all users, like allowing developers to access non-production resources while operations teams manage production systems. |
Governance Pre-configurations
With StackGen, you can group and assign policies to teams, ensuring consistent resource management. Policies are automatically applied to appStacks created by team members.
Sample Use Case: Assign a governance pack to a team that includes:
- Read-only roles for data storage.
- Full-access roles for application hosting.
Apply Custom Policies Across Different Environments
Use Custom Policies Across Cloud Providers. StackGen supports all cloud providers, including AWS, Azure, GCP, Civo Cloud. Implement Policies on Multiple Resources. All resources supported by StackGen can be included in custom policies.
Benefits of Using Custom Policies
- Increase Flexibility: Tailor compliance and governance rules to your specific needs.
- Ensure Consistency: Apply the same governance standards across teams or the entire organization.
- Enhance Security: Enforce encryption and monitoring for sensitive resources automatically.
Apply Custom Policies to appStacks
- Custom policies are JSON-based, allowing high flexibility.
- They enable both simple configurations and complex governance rules.
- Create Policies via CLI: Custom policies are created using the StackGen CLI and are defined in JSON format.
- Assign Policies to appStacks: Once created, custom policies can be applied to specific appStacks or organization-wide.
Assign Custom Policies to Resources
Consider a scenario where you need custom roles and resource mappings. You would need to do the following:
- Create IAM Roles: Define read-only roles for database access or full-access roles for app hosting.
- Map Resources Efficiently: Ensure that appStack references a specific database service for consistency.
By using custom policies in StackGen, organizations can define and enforce their own governance standards, ensuring resources stay secure, compliant, and aligned with internal infrastructure policies.
Next Steps
To learn how to create custom and manage custom policies refer to the CLI Guide