-
Notifications
You must be signed in to change notification settings - Fork 27
/
ps-rule.yaml
72 lines (56 loc) · 1.61 KB
/
ps-rule.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#
# PSRule for Azure configuration
#
# Please see the documentation for all configuration options:
# https://aka.ms/ps-rule/options
# https://aka.ms/ps-rule-azure/options
# Configure binding for local rules.
binding:
preferTargetInfo: true
targetType:
- type
- resourceType
# Do not warn if an Azure resource or related object has no rules.
execution:
unprocessedObject: Ignore
# Require minimum versions of modules.
requires:
PSRule: '@pre >=2.9.0'
PSRule.Rules.Azure: '@pre >=1.34.2'
# Use PSRule for Azure.
include:
module:
- PSRule.Rules.Azure
# Configure the output culture for recommendations.
output:
culture:
- 'en-US'
input:
pathIgnore:
# Ignore other files in the repository.
- '**'
# Include deployments.
- '!deployments/**/*.bicepparam'
- '!deployments/**/deploy.bicep'
# Include module tests.
- '!modules/**/*.tests.bicep'
configuration:
# Enable automatic expansion of Azure parameter files.
AZURE_PARAMETER_FILE_EXPANSION: true
# Enable automatic expansion of Azure Bicep source files.
AZURE_BICEP_FILE_EXPANSION: true
AZURE_BICEP_PARAMS_FILE_EXPANSION: true
# Configures the number of seconds to wait for build Bicep files.
AZURE_BICEP_FILE_EXPANSION_TIMEOUT: 10
# Enable Bicep CLI checks.
AZURE_BICEP_CHECK_TOOL: true
# Configure the minimum version of the Bicep CLI.
AZURE_BICEP_MINIMUM_VERSION: '0.25.53'
AZURE_DEPLOYMENT_NONSENSITIVE_PARAMETER_NAMES:
- keys
# Suppression ignores rules for a specific Azure resource by name.
suppression:
Azure.KeyVault.Logs:
- kvtest001
Azure.Storage.BlobPublicAccess:
- sttest001