This repository contains sample Policy Packs and queries to help you get started with Turbot Guardrails, ensuring your cloud environments are secure, compliant, and well-governed. It provides teams using Turbot Guardrails with automation and configuration-as-code examples for effectively managing Guardrails in their organization.
Before you begin, ensure you have met the following requirements:
- You have an active Guardrails workspace.
- You have the necessary permissions to create and manage policies in Guardrails.
- You have set up your cloud provider accounts (AWS, Azure, GCP) and imported them into your Guardrails workspace.
Clone:
git clone https://github.com/turbot/guardrails-samples.git
cd guardrails-samples
Please see each directory's README, which contains specific usage instructions.
The api_examples directory includes working examples of how to call the Guardrails GraphQL API using Python and JavaScript (Node.js). These can serve as a starting point for developing your own scripts or integrations.
The baselines directory provides a starting point for the most common configuration templates needed when creating a new Turbot Guardrails workspace or onboarding a cloud provider resource into Guardrails. Baselines are implemented with Terraform, allowing you to manage and provision Turbot Guardrails with a repeatable, idempotent, versioned infrastructure-as-code approach.
The enterprise_installation directory contains some common (and uncommon) helpers that are sometimes used as part of complex enterprise installations of Guardrails. Guardrails support or professional services will direct you to use these when needed for your install.
The guardrails_utilities directory contains useful scripts and utilities for common Guardrails support operations (both enterprise and SaaS). Guardrails support or professional services will direct you to use these when needed.
The mod_examples directory contains a working example of a custom mod that can serve as the basis for writing your own custom integration for Turbot Guardrails.
The policy_packs directory includes policy configurations for implementing common best practices for security, FinOps and compliance configured via Guardrails policy settings. The Policy Packs are implemented with Terraform, allowing you to manage and provision Guardrails with a repeatable, idempotent, versioned infrastructure-as-code approach.
The queries directory contains GraphQL queries that can be run in your Turbot Guardrails environment to assess compliance and security status of your cloud resources. These queries are designed to retrieve specific data points from your cloud environment, enabling you to enforce policies, generate reports, and monitor compliance. Each query is tailored to address a particular governance requirement or best practice.
This repository is published under the Apache 2.0 license. Please see our code of conduct. We look forward to collaborating with you!
Want to help but not sure where to start? Pick up one of the help wanted
issues: