Policy: OCI > IAM > Customer Secret Key > Allowed > Custom > Rules
Determine whether the OCI IAM customer secret key is allowed to exist based on custom rules.
This policy will be evaluated by the Allowed > Custom control. If an OCI IAM customer secret key is not allowed, it will be subject to the action specified in the Allowed > Custom policy.
Note: The policy value must be a string with a value of `Allowed`, `Not allowed` or `Skip`, or in the form of YAML objects. The object(s) must contain the key `result` with its value as `Allowed` or `Not allowed`. A custom title and message can also be added using the keys `title` and `message` respectively.
Examples:
Simple string values:

```yaml
- Allowed
- Not allowed
- Skip
```

Object format with custom message:

```yaml
- result: Allowed
- title: Cost Center Check
  result: Not allowed
- title: Environment Tag Check
  result: Allowed
  message: Resource has valid environment tag
```

Multiple rules (array):

```yaml
- - title: Cost Center Check
    result: Allowed
    message: Resource has valid cost center tag
  - title: Owner Tag Check
    result: Not allowed
    message: Resource missing required owner tag
```
Targets
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
Setting this policy configures this control:
Policy Specification
| Default | |
|---|---|
| Examples [YAML] | |
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceAllowed
- tmod:@turbot/oci-iam#/policy/types/customerSecretKeyAllowedCustomRules
- turbot graphql policy-type --id "tmod:@turbot/oci-iam#/policy/types/customerSecretKeyAllowedCustomRules"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/oci-iam#/policy/types/customerSecretKeyAllowedCustomRules"