congress

Gather and author policy library

Bug #1669948 reported by Eric K on 2017-03-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	congress	Fix Released	High	Tim Hinrichs	congress pike-3

Bug Description

Gather and author commonly applicable policies, perhaps from the following Sources
https://github.com/capitalone/cloud-custodian
NTT
ATT (bryan)
AWS ConfigRules

May be good to start a google doc that people can comment on / contribute to.

Tags:

Eric K (ekcs) on 2017-03-07

tags:

added: policy-lib

Eric K (ekcs) on 2017-03-07

tags:

added: pike-goal

Revision history for this message

Tim Hinrichs (thinrichs) wrote on 2017-03-07:

Started the Google doc. Moved all the ATT use cases over from the Congress Examples.

https://docs.google.com/document/d/12f1VciulhT9yCYOc7jiulGiLT-tFpffLxNOpr-2QX2I/edit#

Revision history for this message

Tim Hinrichs (thinrichs) wrote on 2017-03-16:

Moved a couple of use cases from AWS over to the doc.

At this point, we have enough examples that we could move over to writing code.

Eric K (ekcs) on 2017-05-25

Changed in congress:
status:	New → In Progress

Eric K (ekcs) on 2017-07-06

Changed in congress:
milestone:	pike-1 → pike-3

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25: Fix merged to congress (master)

Reviewed: https://review.openstack.org/484094
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=c4a1844a27e3b6e78f7015bc722a7764388cc51f
Submitter: Jenkins
Branch: master

commit c4a1844a27e3b6e78f7015bc722a7764388cc51f
Author: Eric Kao <email address hidden>
Date: Fri Jul 14 21:05:06 2017 -0700

Add disallowed images policy to library

Partially implements: blueprint policy-library
Partial-Bug: 1669948

Change-Id: I0fb306ea2e0be84f1a75b6a951aba471bb3cd6d4

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25:

Reviewed: https://review.openstack.org/485053
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=63127e7ad3accbd2daba3a9ce7113d98133d5ce4
Submitter: Jenkins
Branch: master

commit 63127e7ad3accbd2daba3a9ce7113d98133d5ce4
Author: Eric Kao <email address hidden>
Date: Tue Jul 18 23:12:32 2017 -0700

add volume encryption policies

Partially implements: blueprint policy-library
Partial-Bug: 1669948

Change-Id: I0ec9cd6b946d453c4dedf2b9f32c541a9ffe9787

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25:

Reviewed: https://review.openstack.org/485841
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=fff4b24a4bbd1aafcfc8ec19b8c8b9cbd25f7a45
Submitter: Jenkins
Branch: master

commit fff4b24a4bbd1aafcfc8ec19b8c8b9cbd25f7a45
Author: Eric Kao <email address hidden>
Date: Thu Jul 20 15:50:50 2017 -0700

Add network gateway policy

Partially implements: blueprint policy-library
Partial-Bug: 1669948

Change-Id: I805f7347258fcdf034fc345d193096607765c851

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25:

Reviewed: https://review.openstack.org/485052
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=bd877fe9186825099c569f6326ca040a1d29a142
Submitter: Jenkins
Branch: master

commit bd877fe9186825099c569f6326ca040a1d29a142
Author: Eric Kao <email address hidden>
Date: Tue Jul 18 23:10:21 2017 -0700

add security groups and unsafe traffic policies

policy that classifies security groups and extends to
network ports and compute instances.

flags security groups labeled as secure that nonetheless
allow unsafe traffic.

Partially implements: blueprint policy-library
Partial-Bug: 1669948

Change-Id: I779493a1dcf4eb4b09d2f9c28a730edd5365cfc7

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25:

Reviewed: https://review.openstack.org/484092
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=c7e13f494791fc3dbeedd2bd27e404e7560e055d
Submitter: Jenkins
Branch: master

commit c7e13f494791fc3dbeedd2bd27e404e7560e055d
Author: Eric Kao <email address hidden>
Date: Fri Jul 14 16:30:14 2017 -0700

Split disallowed flavor policy into monitor and remediation

Some users want the monitoring but not the remediation

Partially implements: blueprint policy-library
Partial-Bug: 1669948

Change-Id: Id14b2148f6ce41e9ffbd23d403fb4d5ebfb840da

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25:

Reviewed: https://review.openstack.org/486259
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=9203c09d4f3cb70903a0ee3146d51fb5180534d5
Submitter: Jenkins
Branch: master

commit 9203c09d4f3cb70903a0ee3146d51fb5180534d5
Author: Eric Kao <email address hidden>
Date: Thu Jul 20 22:19:41 2017 -0700

Add cross project network policy

Partial-Bug: 1669948

Change-Id: I5938bde60cd35d6f261e88175e01be3ded0ab99f

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-25:

Reviewed: https://review.openstack.org/485892
Committed: https://git.openstack.org/cgit/openstack/congress/commit/?id=9498f701118961ad3ce56256baff54a93fb5d4e2
Submitter: Jenkins
Branch: master

commit 9498f701118961ad3ce56256baff54a93fb5d4e2
Author: Eric Kao <email address hidden>
Date: Thu Jul 20 17:23:06 2017 -0700

add server utilization policy

Partial-Bug: 1669948
Change-Id: I3df9e6b61728939102a0a598582073192cd159d5

Eric K (ekcs) on 2017-09-19

Changed in congress:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

Library of common policies for Congress

Remote bug watches

Bug watches keep track of this bug in other bug trackers.