From 7f68fcc9b4ff379167e0c99d9dd27ce20aafc57c Mon Sep 17 00:00:00 2001 From: Luke Pezet Date: Tue, 6 Aug 2024 20:53:47 -0600 Subject: [PATCH] Reverted changes to policy-library/policies/constraints/serviceusage_allow_basic_apis.yaml. --- .../serviceusage_allow_basic_apis.yaml | 87 ++++++++++--------- 1 file changed, 44 insertions(+), 43 deletions(-) diff --git a/policy-library/policies/constraints/serviceusage_allow_basic_apis.yaml b/policy-library/policies/constraints/serviceusage_allow_basic_apis.yaml index 97eda5d12..9e42f0e4c 100644 --- a/policy-library/policies/constraints/serviceusage_allow_basic_apis.yaml +++ b/policy-library/policies/constraints/serviceusage_allow_basic_apis.yaml @@ -23,50 +23,51 @@ spec: severity: high match: target: # {"$ref":"#/definitions/io.k8s.cli.setters.target"} - - "organizations/**" + - "organizations/**" exclude: [] parameters: mode: allow services: - - "accesscontextmanager.googleapis.com" - - "admin.googleapis.com" - - "appengine.googleapis.com" - - "artifactregistry.googleapis.com" - - "bigquery-json.googleapis.com" - - "bigquery.googleapis.com" - - "billingbudgets.googleapis.com" - - "cloudapis.googleapis.com" - - "cloudasset.googleapis.com" - - "cloudbilling.googleapis.com" - - "cloudbuild.googleapis.com" - - "clouddebugger.googleapis.com" - - "cloudkms.googleapis.com" - - "cloudresourcemanager.googleapis.com" - - "cloudscheduler.googleapis.com" - - "cloudtrace.googleapis.com" - - "compute.googleapis.com" - - "container.googleapis.com" - - "datastore.googleapis.com" - - "dns.googleapis.com" - - "essentialcontacts.googleapis.com" - - "iam.googleapis.com" - - "iamcredentials.googleapis.com" - - "logging.googleapis.com" - - "monitoring.googleapis.com" - - "oslogin.googleapis.com" - - "pubsub.googleapis.com" - - "secretmanager.googleapis.com" - - "securitycenter.googleapis.com" - - "servicemanagement.googleapis.com" - - "servicenetworking.googleapis.com" - - "serviceusage.googleapis.com" - - "sql-component.googleapis.com" - - "storage-api.googleapis.com" - - "storage-component.googleapis.com" - - "workflows.googleapis.com" - - "assuredworkloads.googleapis.com" - - "sts.googleapis.com" - - "cloudfunctions.googleapis.com" - - "storage.googleapis.com" - - "run.googleapis.com" - - "eventarc.googleapis.com" + - "accesscontextmanager.googleapis.com" + - "admin.googleapis.com" + - "appengine.googleapis.com" + - "artifactregistry.googleapis.com" + - "bigquery-json.googleapis.com" + - "bigquery.googleapis.com" + - "billingbudgets.googleapis.com" + - "cloudapis.googleapis.com" + - "cloudasset.googleapis.com" + - "cloudbilling.googleapis.com" + - "cloudbuild.googleapis.com" + - "clouddebugger.googleapis.com" + - "cloudkms.googleapis.com" + - "cloudresourcemanager.googleapis.com" + - "cloudscheduler.googleapis.com" + - "cloudtrace.googleapis.com" + - "compute.googleapis.com" + - "container.googleapis.com" + - "datastore.googleapis.com" + - "dns.googleapis.com" + - "essentialcontacts.googleapis.com" + - "iam.googleapis.com" + - "iamcredentials.googleapis.com" + - "logging.googleapis.com" + - "monitoring.googleapis.com" + - "oslogin.googleapis.com" + - "pubsub.googleapis.com" + - "secretmanager.googleapis.com" + - "securitycenter.googleapis.com" + - "servicemanagement.googleapis.com" + - "servicenetworking.googleapis.com" + - "serviceusage.googleapis.com" + - "sourcerepo.googleapis.com" + - "sql-component.googleapis.com" + - "storage-api.googleapis.com" + - "storage-component.googleapis.com" + - "workflows.googleapis.com" + - "assuredworkloads.googleapis.com" + - "sts.googleapis.com" + - "cloudfunctions.googleapis.com" + - "storage.googleapis.com" + - "run.googleapis.com" + - "eventarc.googleapis.com"