Closed vpegg closed 1 year ago
It might be harder to implement, but is there a way to add a mode that updates the solution DynamoDB with the latest artifacts out there in SSO? As a bonus, also create the equivalent artifacts in S3 if S3 mode is enabled.
Use case:
Once this capability is introduced, a future effort might be to enable "Git-like" user level merge control. I.e., for each conflict between Dynamo and live, let the user select which way to merge ("left" or "right", "mine" or "theirs", or however you want to word it). Sometimes we might want some of both ways to merge...
Hi @allquixotic , I am hoping https://github.com/aws-samples/aws-sso-extensions-for-enterprise/issues/94#issuecomment-1181691995 would answer the out of sync use case.
To clarify, we would rely on SSO as state of truth always for permisison set management and compute delta etc, on that basis. This would help us align with what the customer sees in SSO, and align the solution with an org specific controls.
This, along with us handling https://github.com/aws-samples/aws-sso-extensions-for-enterprise/issues/80 would help close this gap.
The difference between your proposal versus what we are aiming for is that the solution always uses SSO as its source of truth and operates on that premise.
Let us know what you think about this.
Issue #, if available: Fixes #75 #59 #47
Description of changes:
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.