metrics: Fill in Amoe metric templates#218
Open
franzling wants to merge 26 commits into
Open
Conversation
anatheka
reviewed
Jan 13, 2026
anatheka
left a comment
Collaborator
There was a problem hiding this comment.
We changed the target branch to main.
Please update the following points:
- Rename folder and
namefields to self-explaining names without Q1, Q2, ... - Change targetValues to integer values, if you use the operator "<=" or similar
- Only use sentences like "The rule assesses whether ..." in the description . The other information move to the comment part.
- Delete
| Selector: PolicyDocument (Resource Type)and change[Resource]to[PolicyDocument]in the description part. - Delete
TBDin the comments part if not needed. - Add the resource type check in applicable in the metric.rego files, see comment.
lebogg
reviewed
Jan 15, 2026
lebogg
reviewed
Jan 20, 2026
lebogg
left a comment
Collaborator
There was a problem hiding this comment.
See my suggested changes. For each metric:
- Fix the package name (same as metric folder name but in snake case)
- I would use the Selector part within the Description and remove it from the comments (The reason: For now it is only Policy Document relevant. Later, if we say also another collector will use this, we can still generalize it to "Resource")
- I would remove the "Previous name..." part from the comments.
….rego Co-authored-by: Nico Haas <40119051+lebogg@users.noreply.github.com>
…ringReviewFrequency.yaml Co-authored-by: Nico Haas <40119051+lebogg@users.noreply.github.com>
anatheka
reviewed
Jan 23, 2026
Collaborator
There was a problem hiding this comment.
A first review: I couldn’t read all metrics, but I’ve read some in detail and skimmed others.
I think it already looks very good, I just have a few comments:
- Most of my comments apply to all metrics—for example, specifying the “time period” in the comments so it’s clear what time period exactly is to be checked.
- As mentioned in the comment for the metric MonitoringReviewFrequency, please delete or remove the specific AMOE or EMERALD information from the comments section and use the PolicyDocument as specific resource in the description.
| category: "Cryptography and Key Management" | ||
| version: "1.0" | ||
| comments: "TBD" | ||
| comments: "This metric assesses the required minimum AES key length. | Selector: PolicyDocument (Resource Type) [Previous name: EncryptionPolicyQ4]" |
Collaborator
There was a problem hiding this comment.
I’m thinking about whether it would make sense to indicate directly in the metric name that it represents a policy evaluation. What do you think @lebogg ?
If we want to do so, we should do it in the other metrics as well.
Contributor
Author
|
addressed proposals over all files. please review |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Draft of AMOE metric contents including the metric.rego files
The parameters need to be included into the ontology.
To propose a new compliance metric, please make sure to check off each box below: