Policy Setting: GCP > Kubernetes Engine > Zone Cluster > Approved > Custom
Policies
This policy setting is dependent on the following policy types:
Source
resource "turbot_policy_setting" "gcp_kubernetesengine_zone_cluster_approved_custom" { resource = turbot_policy_pack.main.id type = "tmod:@turbot/gcp-kubernetesengine#/policy/types/zoneClusterApprovedCustom" template_input = <<-EOT { zoneCluster { databaseEncryptionState: get(path: "databaseEncryption.state") } } EOT template = <<-EOT {%- if $.zoneCluster.databaseEncryptionState == "ENCRYPTED" -%}
{%- set data = { title: "Encryption for Secrets" result: Approved message: "Encryption for secrets is enabled" } -%}
{%- elif $.zoneCluster.databaseEncryptionState != "ENCRYPTED" -%}
{%- set data = { title: "Encryption for Secrets" result: "Not approved" message: "Encryption for secrets is not enabled" } -%}
{%- else -%}
{%- set data = { title: "Encryption for Secrets" result: "Skip" message: "No data for encryption yet" } -%}
{%- endif -%} EOT}