Provision the client community with access to CSPM CloudGuard

[ActionAnalytics]

Describe the issue We wish teams to be able to consume and benefit from the CSPM tool.

Additional context

• Cloud Security Posture Management is default configured to consume for authorization AWS Organizational Units, GCP Folders and Azure Management Groups.
• In our SEA models, we use the above grouping structures for security policy logical grouping, so we can't use organizational units in the "normal" vanilla way
• might be possible to automate via a TF module to automate OU's within CloudGuard but PO would prefer if it could consume tags instead.

Definition of done

• Talk to Mark L on the Parks team and use them as a guinea pig for trying this out
• Mark should be able to log in via SSO, and only see workload environments that pertain to the scope of his team's work

[lukegonis]

@bruce-wh-li can you please update this issue or close it if it is complete/irrelevant.

[bruce-wh-li]

We had onboarded HLTH and Forest Client API Team of WLRS to CSPM already.