use inputs rather than hard coded lists or sets

[aaronlippold]

on many of the controls I am seeing a hardcoded list of ports, etc. to make the profile have the ability to account for organizational adjustments - aka 'overlays' - move these sets to shared inputs in the inspec.yml so that organizations can tailor their profiles easily should they add or perhaps remove allowed ports, accounts, etc. more easily and not having to modify the controls.

[aaronlippold]

https://github.com/mitre/microsoft-windows-10-stig-baseline/blob/jb-windows10-controls-enhancements/inspec.yml

For example, the above allows us to easily update for environments etc.

[KonradSchieban]

https://github.com/mitre/microsoft-windows-10-stig-baseline/blob/jb-windows10-controls-enhancements/inspec.yml

For example, the above allows us to easily update for environments etc.

This repo seems private / or non-existent. Can you please point to similar examples?

[aaronlippold]

That branch has been merged into master just hop to master and you'll see the example

On Thu, Apr 9, 2020, 12:13 AM Konrad Schieban notifications@github.com wrote:

https://github.com/mitre/microsoft-windows-10-stig-baseline/blob/jb-windows10-controls-enhancements/inspec.yml

For example, the above allows us to easily update for environments etc.

This repo seems private / or non-existent. Can you please point to similar examples?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/GoogleCloudPlatform/inspec-gcp-pci-profile/issues/9#issuecomment-611317741, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALK42DVJ7NMWDYFDLG3F33RLVDOZANCNFSM4LTZB2IA .

[binamov]

This was fixed in https://github.com/GoogleCloudPlatform/inspec-gcp-pci-profile/pull/18