Rules name convention AWS
Vitalii Kanivets edited this page Aug 10, 2023 · 2 revisions
The name of a file containing a rule should have the following format: ecc-[cloud]-[id]-[policy_name].yml
Where:
- cloud – the name of the cloud/tool (aws, gcp, azure, k8s)
- id – a unique identifier, assigned in order
- policy_name – summary of the contents of the rule
policy_name must comply with the following rules:
- the name contains only lowercase letters
- underscores are used to separate words
- the name is not too long
Examples |
---|
ecc-aws-240-acm_has_certificates_single_domain_names.yml |
ecc-gcp-001-corporate_login_credentials.yml |
ecc-azure-071-cis_app_last_php.yml |
ecc-k8s-001-apiserver_anonymous_auth_argument_is_set_to_false.yml |
The name of the custodian policy should match the file name. For example, if the rule's file name is ecc-aws-279-expired_ssl_tls_certificates_stored_in_aws_iam_are_removed.yml, then the custodian policy should have the same name.
The folders with Terraform scripts and the test folder should also have the same name as the rule.
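
The naming rules above can be enforced automatically, for example in CI. The following check is an added example, not part of this wiki or the project's tooling; the 3-digit id (inferred from the examples), the 80-character limit, the `check_rule` helper and the regex-based extraction of the policy name are assumptions.

```python
import re
from pathlib import PurePosixPath

CLOUDS = ("aws", "gcp", "azure", "k8s")  # cloud/tool names listed on this page
MAX_NAME_LEN = 80  # assumption: the page only says "not too long"

# ecc-[cloud]-[id]-[policy_name].yml; the 3-digit id is inferred from the examples
FILE_RE = re.compile(r"^ecc-(?P<cloud>[^-]+)-(?P<id>\d{3})-(?P<policy_name>.+)\.yml$")
# lowercase letters only, words separated by single underscores
POLICY_NAME_RE = re.compile(r"^[a-z]+(?:_[a-z]+)*$")
# first "- name: value" entry in the file; a simplification, not a YAML parser
NAME_LINE_RE = re.compile(r"^\s*-\s*name:\s*['\"]?([^\s'\"#]+)", re.MULTILINE)

# Constructed sample policy body (remaining policy keys omitted)
SAMPLE_POLICY = """\
policies:
  - name: ecc-aws-279-expired_ssl_tls_certificates_stored_in_aws_iam_are_removed
"""


def check_rule(path, policy_text):
    """Return convention violations for one rule file; an empty list means compliant."""
    filename = PurePosixPath(path).name
    match = FILE_RE.match(filename)
    if not match:
        return [f"{filename}: expected ecc-[cloud]-[id]-[policy_name].yml"]
    problems = []
    if match["cloud"] not in CLOUDS:
        problems.append(f"{filename}: unknown cloud {match['cloud']!r}")
    name = match["policy_name"]
    if not POLICY_NAME_RE.match(name):
        problems.append(f"{filename}: policy_name must be lowercase words joined by '_'")
    if len(name) > MAX_NAME_LEN:
        problems.append(f"{filename}: policy_name longer than {MAX_NAME_LEN} characters")
    # The custodian policy name must equal the file name without the .yml extension
    declared = NAME_LINE_RE.search(policy_text)
    expected = filename[: -len(".yml")]
    if declared is None or declared[1] != expected:
        found = declared[1] if declared else None
        problems.append(f"{filename}: custodian policy name {found!r} != {expected!r}")
    return problems


if __name__ == "__main__":
    good = "policies/ecc-aws-279-expired_ssl_tls_certificates_stored_in_aws_iam_are_removed.yml"
    for path in (good, "policies/ecc-aws-279-Expired_SSL_Certs.yml", "aws-279-expired.yml"):
        print(path, "->", check_rule(path, SAMPLE_POLICY) or "OK")
```

The same comparison can be extended to the Terraform and test folder names, which the convention also requires to match the rule name.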