Modify a Policy

Now, imagine you decide to improve your security posture by adding a new rule about Terraform and public cloud configuration.

In Styra DAS, navigate back to the same policy file as before: your system name >> policy >> aws >> ec2 >> rules.rego.

Add the following rule to your policy to prohibit overly permissive IAM settings on AWS.

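enforce[decision] {
    # Bind each violation message produced by the library rule restricted_iam_policy.
    data.global.systemtypes["terraform:1.0"].library.provider.aws.iam.restricted_policy.v1.restricted_iam_policy[message]

    # Emit a deny decision that carries the library's message.
    decision := {
        "allowed": false,
        "message": message
    }
}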