Select
Under the section POLICY LIST click the policy name. Click Editor → the tab 'Editor' on the left → open the tab Code* to review the policy code.
1) // SObject Type
Define an input object your policy will be checking (e.g. AWS EC2 instances)
2) // Output SObject Type
Select the output object type which will store the policy check results (e.g. CloudAware Policy Violation).
Note |
---|
You will not be able to make any changes to the input object and the output object type selected once the policy is deployed! As for other changes, you can make updates to unmanaged policies. Managed policies can be updated by Cloudaware only. |
3) // How many objects will be processed per job call
You can change the batch size (final Integer batchSize = ???
).
Note |
---|
Maximum size is 2000. If exceeded, you can receive the error "Apex CPU time limit exceeded". |
4) // Lifecycle configuration
Configure the lifecycle to define under what conditions the output objects are created or closed after evaluation of input objects (e.g. incomplianceСreates means that the output object is created only in cases when an input object is incompliant).
Note |
---|
You can customize your policy either using pre-built lifecycles or writing a lifecycle of your own applying available methods. Use the following methods to define the conditions when an output object is created or closed: |
incomplianceCreates() - if an input object is considered to be incompliant based on evaluation in Process, the corresponding output object gets the status 'incompliant';
...
externalIdField(SObjectField field) - use this parameter to define externalIdField.
5) // Start code
Use the variable context to work with a policy context (global void start() {...
);
6) // SOQL Query
Define input objects that will enter the policy scope. You can make changes to SOQL query to define what objects will be evaluated and what will not.
7) // Process
Set up the logic your policy will use to check an input object for compliance and assign the corresponding statuses to output objects. Input objects are evaluated one-by-one.
The policy logic may be the following: For each AWS EC2 Instance with a value A
in <FIELD1> assign the status 'incompliant' to the output object. If <FIELD1> is B
- assign the status 'compliant'.
Note |
---|
By default, every object which is evaluated in Process is considered Inapplicable. |
The policy logic may be customized any way you like, however, Salesforce limits must be observed. Keep in mind that you should re-configure output objects in the policy lifecycle in order they could be saved with the corresponding statuses (see step 3).
8) // Finish Code
Customize your policy. This part of the policy is run after all objects are evaluated.