Policy Setting: GCP > Dataproc > Cluster > Approved > Custom
Policies
This policy setting is dependent on the following policy types:
Source
resource "turbot_policy_setting" "gcp_dataproc_cluster_approved_custom" { resource = turbot_policy_pack.main.id type = "tmod:@turbot/gcp-dataproc#/policy/types/clusterApprovedCustom" note = "GCP CIS v2.0.0 - Control: 1.17" template_input = <<-EOT { item: cluster { encryptionConfig: get(path: "config.encryptionConfig") } } EOT template = <<-EOT {% set encryptionConfig = $.item.encryptionConfig %}
{# Check gcePdKmsKeyName property because it doesn't exist incase of GCP managed key #} {%- if encryptionConfig and encryptionConfig.gcePdKmsKeyName -%}
{%- set data = { "title": "Encryption With Customer Managed Key", "result": "Approved", "message": "Cluster is encrypted with customer managed key" } -%}
{%- elif encryptionConfig and not encryptionConfig.gcePdKmsKeyName -%}
{%- set data = { "title": "Encryption With Customer Managed Key", "result": "Not Approved", "message": "Cluster is not encrypted with customer managed key" } -%}
{%- else -%}
{%- set data = { "title": "Encryption With Customer Managed Key", "result": "Skip", "message": "No data for encryption yet" } -%}
{%- endif -%}
{{ data | json }} EOT}