The Forseti v2.26.0 release and Terraform v6.0.0 release will enable Config Validator by default. In addition, there will be default policies provided. These default policies will replace the default scanning rules for the following scanners:
BigQuery
CloudSQL
IAM
Firewall
KMS
Kubernetes Version
Service Account Key
Proposed Solution
Enable the CV scanner and disable the above scanners by default.
Acceptance Criteria
The install_simple example will be used to perform the testing of these default values and ensure policies are in place.
We need to ensure Forseti tests are still working; create ticket for this.
Blocked By
Story
The Forseti v2.26.0 release and Terraform v6.0.0 release will enable Config Validator by default. In addition, there will be default policies provided. These default policies will replace the default scanning rules for the following scanners:
Proposed Solution
Enable the CV scanner and disable the above scanners by default.
Acceptance Criteria
install_simple
example will be used to perform the testing of these default values and ensure policies are in place.