Initial policies and method for creating policy definition.

pk/atst

This adds some initial example policies:

- One for region restrictions
- One for service restrictions

Note that the MS ARM team has said that region restrictions may be
controlled by ARM, so that policy might prove unnecessary. The
parameters list for the service restrictions is stubbed for now, pending
the full list.

I also added an internal method for adding policy definitions to a
management group. This method is agnostic about what tier of management
group the policy is being defined at. It requires that a dictionary
representing the properties section of a valid Azure JSON policy
definition be passed as an argument.

This commit is contained in:

dandds

2019-12-13 16:32:46 -05:00

parent 7dbdeb3ae7

commit b61956080e

8 changed files with 309 additions and 87 deletions

									
										1

Pipfile
									
												View File
												
				@@ -30,6 +30,7 @@ azure-graphrbac = "*"

				msrestazure = "*"

				azure-mgmt-authorization = "*"

				azure-mgmt-managementgroups = "*"

				azure-mgmt-resource = "*"

				[dev-packages]

				bandit = "*"

Initial policies and method for creating policy definition.

1 Pipfile Unescape Escape View File

1

Pipfile

View File