tb_pulumi.constants

Some global values that should not change often and do not rely on runtime data.

tb_pulumi.constants.ASSUME_ROLE_POLICY = {'Statement': [{'Action': 'sts:AssumeRole', 'Effect': 'Allow', 'Principal': {'Service': None}, 'Sid': ''}], 'Version': '2012-10-17'}

AWS IAM Assume Role Policies often follow this template.

tb_pulumi.constants.CLOUDWATCH_METRIC_ALARM_DEFAULTS = {'enabled': True, 'evaluation_periods': 2, 'period': 60, 'statistic': 'Average', 'threshold': 10}

Most common settings for Cloudwatch metric alarms

tb_pulumi.constants.DEFAULT_AWS_SSL_POLICY = 'ELBSecurityPolicy-2016-08'

Good default policy when setting up SSL termination with an ELB

tb_pulumi.constants.DEFAULT_PROTECTED_STACKS = ['prod']

Which Pulumi stacks should get resource protection by default

tb_pulumi.constants.IAM_POLICY_DOCUMENT = {'Statement': [{'Effect': 'Allow', 'Sid': 'DefaultSid'}], 'Version': '2012-10-17'}

IAM policies often extend this template.

tb_pulumi.constants.SERVICE_PORTS = {'mariadb': 3306, 'mysql': 3306, 'postgres': 5432}

Map of common services to their typical ports