Create a Cloud Rule
Cloud rules are collections of cloud-specific resources that can be applied to cloud accounts.
To create a cloud rule:
- Select Cloud Management > Cloud Rules.
- Click Add New.
- In the Cloud Rule Name field, enter a name to identify the cloud rule throughout the application. This field must be unique among cloud rules.
- In the Owners dropdown menu, select users and user groups that will have permission to edit this cloud rule.
- (Optional) Select pre- and post-rule webhooks to apply.
- If you are using AWS:
- Select AWS Service Control Policies to apply. These SCPs will apply account-wide for accounts associated with the objects this cloud rule is applied to.
- Select AWS IAM Policies to apply to cloud access roles when this cloud rule is applied.
- Select AWS AWS CloudFormation Templates to apply to cloud accounts when this cloud rule is applied.
- Select AWS AMIs to apply.
- Select AWS Service Catalog Portfolios to apply.
- If you are using Azure:
- Select Azure Role Definitions to apply.
- Select Azure Policy Definitions to apply.
- Select Azure ARM Templates to apply to subscriptions when this cloud rule is applied.
- If you are using Google Cloud:
- Select Google Cloud IAM Roles to apply.
- Select Compliance Standards to apply to this cloud rule. Compliance standards are applied to cloud rules, which are applied to projects. All resources within that project will be subject to the compliance checks included in that compliance standard. For more information, see Compliance Overview.
- Click Create Cloud Rule.
Once the cloud rule is created, it can be applied to OUs and projects to distribute the resources and settings specified within it. For information on applying cloud rules, see Managing Cloud Rules on Resources. For information on how cloud rules are inherited once applied, see Cloud Rule Inheritance and Exemption.