policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_applicationGateways_zones.rego (12 lines of code) (raw):

package Azure_Proactive_Resiliency_Library_v2 import rego.v1 valid_azapi_deploy_application_gateway_in_a_zone_redundant_configuration(resource) if { resource.values.body.zones == resource.values.body.zones count(resource.values.body.zones) >= 2 } deny_deploy_application_gateway_in_a_zone_redundant_configuration contains reason if { resource := data.utils.resource(input, "azapi_resource")[_] data.utils.is_azure_type(resource.values, "Microsoft.Network/applicationGateways") not valid_azapi_deploy_application_gateway_in_a_zone_redundant_configuration(resource) reason := sprintf("Azure-Proactive-Resiliency-Library-v2/deploy_application_gateway_in_a_zone_redundant_configuration: '%s' `azapi_resource` must have must have configured to use at least 2 Availability Zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#deploy-application-gateway-in-a-zone-redundant-configuration", [resource.address]) }