Centralised policy management - add groups to security policy scope
Release notes
Problem to solve
The compliancy team in large organisations can find using multiple policy projects (per namespace/group/project) a daunting task and would prefer having a more granular control in a centralised repository: 1 to rule them all
Proposal
Extend the Security Policy Scope to allow the use of groups/group ids. Currently we only support compliance frameworks and projects, but for large organisation this is too granular
- Allow adding a group to the scope to include for enforcement
- Allow adding groups to the exception/exclusion list -- e.g. enforce against all projects except for projects in group A and Group B.
Intended users
Feature Usage Metrics
Does this feature require an audit event?
Edited by Grant Hickman