Feature Description
Allow the essentialcontacts.managed.allowedContactDomains allow-list to be set via fast/stages-aw/0-bootstrap/data/custom-org-policies/platform_policy.yaml
Use Case
The Security Best Practice guide strongly suggests making changes to the Essential Contacts Domain Allow-List Org Policy via IaC. Stellar Engine presently will not accept such changes.
Proposed Solution
Accept the parameters argument to managed org-policies via their YAML definition and pass it through to the org policy TF resources.
Compliance & Deployment Context
- Target Deployment Type(s):
- Relevant NIST 800-53r5 Controls: (If applicable, list the controls this feature helps satisfy)
Reusability Check
Stellar Engine prioritizes reusability.
Alternatives Considered
The current alternative is to update the Security Best Practice Guide to accurately (with respect to the state of the repository presently) reflect that this update would be made via click-ops.
Feature Description
Allow the
essentialcontacts.managed.allowedContactDomainsallow-list to be set via fast/stages-aw/0-bootstrap/data/custom-org-policies/platform_policy.yamlUse Case
The Security Best Practice guide strongly suggests making changes to the Essential Contacts Domain Allow-List Org Policy via IaC. Stellar Engine presently will not accept such changes.
Proposed Solution
Accept the
parametersargument to managed org-policies via their YAML definition and pass it through to the org policy TF resources.Compliance & Deployment Context
Reusability Check
Stellar Engine prioritizes reusability.
Alternatives Considered
The current alternative is to update the Security Best Practice Guide to accurately (with respect to the state of the repository presently) reflect that this update would be made via click-ops.