IaC Policy Controls

Introduction

Evaluation of IaC resources is performed using the same Posture policies and controls as CSPM.

The set of policies that apply when evaluating a folder in a repository is defined by creating Zones.

When running a GitHub integration to check the compliance of a pull request during development, Sysdig will collect all the policies that apply for that context (the repository, folder and branch pattern) according to the defined zones, and run the controls from those polcies that apply for the evaluated resource type.

You can navigate in the product to Policies > Posture Policies to find the list of requirements and controls for each policy.