Turbot Guardrails Baselines provide best-practice configurations and examples for setting Turbot Guardrails policies. Baselines are implemented with Terraform, allowing you to manage and provision Turbot Guardrails with a repeatable, idempotent, versioned infrastructure-as-code approach.
| Baseline | Path | Description |
|---|---|---|
| AWS Mods | aws_mods | A common list of AWS mods to install |
| AWS Service Enabled | aws_service_enabled | Enable or disable AWS services in Guardrails |
| Azure Mods | azure_mods | A common list of Azure mods to install |
| Azure Service Enabled | azure_service_enabled | Enable or disable Azure services in Guardrails; register or deregister Azure providers |
| GCP Mods | gcp_mods | A common list of Google Cloud Platform (GCP) mods to install |
| GCP Service Enabled | gcp_service_enabled | Enable or disable GCP services in Guardrails; enable or disable GCP Service APIs |
| Folder Hierarchy | folder_hierarchy | Create a folder hierarchy in your workspace |
| Guardrails Mods | guardrails_mods | A common list of Guardrails mods to install |
| Local Directory | local_directory | Create a local directory and users in your workspace |
| Turbot Directory | turbot_directory | Create Turbot directory and profiles in your workspace |
| Workspace Settings | workspace_settings | Apply a common set of policies for better management of your workspace |
To create a policy pack through Terraform:
- Ensure you have
Turbot/Ownerpermissions in Guardrails - Create access keys in Guardrails
And then set your credentials:
export TURBOT_WORKSPACE=myworkspace.acme.com
export TURBOT_ACCESS_KEY=acce6ac5-access-key-here
export TURBOT_SECRET_KEY=a8af61ec-secret-key-herePlease see Turbot Guardrails Provider authentication for additional authentication methods.
Clone:
git clone https://github.com/turbot/guardrails-samples.git
cd guardrails-samples/baselines/guardrails/local_directoryRun the Terraform to create the policy pack in your workspace:
terraform init
terraform planThen apply the changes:
terraform apply