Policies
Introduction
- Policies allow you enforce certain rules for all the stacks deployed using the given stacktape configuration.
- They can be used to enforce organization-level best practices and avoid accidental mistakes.
Policies API reference
allowedStages
allowedRegions
cloudformationStackPolicies
Simple policies
allowedStages
- The stack can be deployed to only specified stages.
Copy
allowedStages: ["production", "staging", "testing", "dev-john", "dev-jane"]
allowedRegions
- The stack can be deployed to only specified regions.
Copy
allowedRegions: ["eu-west-1"]
More policies will be added soon.
Cloudformation stack policies
- Stack policies allow you to restrict specific operations (such as update or delete) to specific resources defined in the stack.
- By default, Stacktape creates stack policies that restrict update/delete for databases with
deletionProtectionenabled. - To learn more about stack policies, refer to AWS docs
CfStackPolicyStatement API reference
Parent API reference: Policies
Resource
Required
Principal
Required
Effect
Action
Condition