Update readme and add custom baseline (#48)

BernieWhite · web-flow · commit 48aead2df998 · 2024-08-15T01:50:19.000+10:00
diff --git a/.ps-rule/Baseline.Rule.yaml b/.ps-rule/Baseline.Rule.yaml
@@ -0,0 +1,24 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+# IMPORTANT:
+# This file demonstrates defining YAML-based custom baselines.
+# To correctly find resources set binding configuration within ps-rule.yaml.
+# See: https://azure.github.io/PSRule.Rules.Azure/customization/using-custom-rules/#set-binding-configuration
+
+---
+# Synopsis: This is an example of a custom baseline that only includes GA rules in the Security and Reliability pillars.
+apiVersion: github.com/microsoft/PSRule/v1
+kind: Baseline
+metadata:
+  name: Org.Custom.Baseline
+spec:
+  rule:
+    tag:
+      release: GA
+      Azure.WAF/pillar:
+        - Security
+        - Reliability
+
+    exclude:
+      - Azure.Deployment.Name
diff --git a/.ps-rule/Org.Rule.yaml b/.ps-rule/Org.Rule.yaml
@@ -2,7 +2,7 @@
 # Licensed under the MIT License.
 
 # Note:
-# This files demonstrates using YAML-based rules.
+# This file demonstrates defining YAML-based custom rules.
 
 ---
 # Synopsis: Azure resource must have an valid env tag set.
diff --git a/README.md b/README.md
@@ -22,13 +22,14 @@ This repository includes:
   - The `ms-analyze.yaml` file can be ignore or removed as this will not execute outside this repository.
 - **Azure Pipelines** &mdash; Starter pipeline for checking Azure Infrastructure as Code (IaC).
   - Use the files in the `.pipelines/` to check your Azure IaC with Azure Pipelines.
-- **Custom rules** &mdash; Example custom rules that enforce organization specific requirements.
-  - Use the files in the `.ps-rule/` folder to configure custom rules.
+- **Custom rules and baselines** &mdash; Example custom rules and baselines.
+  - These rules and baselines can be used to enforce organization specific requirements.
+  - Use the files in the `.ps-rule/` folder to configure custom rules and baselines.
 - **PSRule options** &mdash; Example options for using PSRule for Azure.
   - PSRule options are configures within `ps-rule.yaml`.
   - Options include suppressing rules, configuring input/ output, and any rules modules.
 
-> **ARM templates**
+> [!NOTE]
 > PSRule for Azure supports ARM templates in addition to Bicep code.
 > However going forward this repository will focus on Bicep deployments and modules.
 > Existing ARM templates samples are no longer maintained and have been archived.
diff --git a/ps-rule.yaml b/ps-rule.yaml
@@ -13,6 +13,7 @@ binding:
     - type
     - resourceType
 
+# Do not warn if an Azure resource or related object has no rules.
 execution:
   unprocessedObject: Ignore
 
@@ -26,6 +27,7 @@ include:
   module:
     - PSRule.Rules.Azure
 
+# Configure the output culture for recommendations.
 output:
   culture:
     - 'en-US'
