Terraform rules working

terraform/policy_backup/policies_test.md

@@ -0,0 +1,14 @@
+
+# Deny if VM does not have a backup strategy
+deny[msg] {
+    vm := get_vms[_]
+    not vm.values.backup
+    msg := sprintf("VM '%s' must have backup enabled for disaster recovery.", [vm.name])
+}
+
+# Deny if VM does not have proper tags for identification
+deny[msg] {
+    vm := get_vms[_]
+    is_empty(vm.values.tags)
+    msg := sprintf("VM '%s' must have tags for proper identification and management.", [vm.name])
+}