Closed faridnsh closed 4 years ago
@alFReD-NSH The auto-approve vs approval workflow is solely depends on the tag on the TGW route table. The solution workflow is not cognizant of VPC properties. Should we need add a mechanism to block the user to create a VPC with a CIDR that does not belong to them?
Hi,
Should we need add a mechanism to block the user to create a VPC
Actually that gave me an idea on how to do this for our organization via tags and SCPs which I think is a better way
Thanks for the help, I'm gonna close this since there's a better way for us.
We want to approve any VPC who's CIDR is registered in our IPAM system and have a certain tag. We would like to approve any VPC in our organisation but in case someone tries to attach a VPC with a CIDR that don't belong to them, this might ruin connectivity for some other teams and we would like to avoid this.