search

pulumi / examples

Infrastructure, containers, and serverless apps to AWS, Azure, GCP, and Kubernetes... all deployed with Pulumi
https://www.pulumi.com
Apache License 2.0
2.33k stars 873 forks source link

Policy Pack for Azure example not doing anything. #1653

Closed ilionxDvanRemortel closed 1 week ago

ilionxDvanRemortel commented 1 week ago

What happened?

Trying to use this example gives 0 output, just a hanging after "pulumi up": https://github.com/pulumi/examples/tree/master/policy-packs/azure-python

Running Pulumi v3.112.0 pulumi_policy 1.11.0

Debug output/code below

Example

from pulumi_policy import ( EnforcementLevel, PolicyPack, ReportViolation, ResourceValidationArgs, ResourceValidationPolicy, )

def storage_container_no_public_read_validator(args: ResourceValidationArgs, report_violation: ReportViolation): if args.resource_type == "azure:storage/container:Container" and "containerAccessType" in args.props: access_type = args.props["containerAccessType"] if access_type == "blob" or access_type == "container": report_violation( "Azure Storage Container must not have blob or container access set. " + "Read more about read access here: " + "https://docs.microsoft.com/en-us/azure/storage/blobs/storage-manage-access-to-resources")

storage_container_no_public_read = ResourceValidationPolicy( name="storage-container-no-public-read", description="Prohibits setting the public permission on Azure Storage Blob Containers.", validate=storage_container_no_public_read_validator, )

Create the PolicyPack

PolicyPack( name="ILXazure-policy-pack", enforcement_level=EnforcementLevel.MANDATORY, policies=[ storage_container_no_public_read, ] )

Output of pulumi about

CLI
Version 3.112.0 Go Version go1.22.1 Go Compiler gc

Plugins NAME VERSION azure-native 2.47.1 pulumi_policy 1.11.0 python unknown

Host
OS Microsoft Windows 11 Pro Version 10.0.22621 Build 22621 Arch x86_64

This project is written in python: executable='C:\Users\manage\PycharmProjects\ilx-azure-enterprisearch-policy\venv\Scripts\python.exe' version='3.12.0'

Current Stack: ilionxDvanRemortel/ilx-azure-enterprisearch-policy/dev

Found no resources associated with dev

Found no pending operations associated with dev

Backend
Name pulumi.com URL https://app.pulumi.com/ilionxDvanRemortel User ilionxDvanRemortel Organizations ilionxDvanRemortel Token type personal

Dependencies: NAME VERSION pip 24.1 pulumi_azure_native 2.47.1 pulumi_policy 1.11.0 setuptools 70.1.1 wheel 0.43.0

Pulumi locates its logs in C:\Users\manage\AppData\Local\Temp by default

Additional context

pulumi up --stack dev -d

Type                 Name                                 Plan     Info                                                                        
 pulumi:pulumi:Stack  ilx-azure-enterprisearch-policy-dev           debug: registering resource: ty=pulumi:pulumi:Stack, name=ilx-azure-enterpr

(the end, no more info, process keeps running)

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

ilionxDvanRemortel commented 1 week ago

I didn't understand it..... My bad