SECURITY
Make secure configuration mandatory
Ensure your cloud configurations do not leak sensitive customer data.
Best practices
Embed security best practices into our guardrails and blueprints for secure configuration at scale👇
Secure infrastructure configuration at scale
Resourcely blueprints and guardrails give security teams tools to enforce security policy without impeding development teams
Secure-by-default configuration
From reactive to proactive security posture
Policy-as-code built for humans
Scale security best practices
Secure-by-default configuration
Customize blueprints that keep your developers shipping fast while remaining secure
Embed into your existing change management and CICD process
Create global rules and context that stop breaches and incidents in their tracks
Prevent misconfigured IAM roles
Policy-as-code built for humans
Stop spending hours writing Rego or Sentinel
Rego/OPA
1checkRequireSSLEnabled[db_instance.id] {
2 db_instance := input.google_sql_database_instance[_]
3 setting := db_instance.config.settings[_]
4 not setting.ip_configuration
5} {
6 db_instance := input.google_sql_database_instance[_]
7 setting := db_instance.config.settings[_]
8 ip_configuration = setting.ip_configuration[_]
9 not ip_configuration.require_ssl
10} {
11 db_instance := input.google_sql_database_instance[_]
12 setting := db_instance.config.settings[_]
13 ip_configuration = setting.ip_configuration[_]
14 ip_configuration.require_ssl == false
15}
16
17checkNoPublicAccess[db_instance.id] {
18 db_instance := input.google_sql_database_instance[_]
19 setting := db_instance.config.settings[_]
20 count(setting.ip_configuration) > 0
21 ip_configuration = setting.ip_configuration[_]
22 count(ip_configuration.authorized_networks) > 0
23 authorized_network = ip_configuration.authorized_networks[_]
24 authorized_network.value == "0.0.0.0"
25}
Resourcely
1GUARDRAIL "GCP database network config"
2 WHEN google_sql_database_instance
3 REQUIRE settings.ip_configuration HAS
4 require_ssl = true
5 NO authorized_networks.value = "0.0.0.0"
Testimonial
Resourcely helps keep developers shipping fast in a secure fashion, reducing guess work and avoiding incidents that stem from misconfiguration.
Spencer Kimball
CEO/Angel Investor, Cockroach Labs