thinking about resource providers in the context of org-formation these resources will be applied to multiple accounts at the same time.
I was thinking of implementing https://github.com/OlafConijn/AwsOrganizationFormation/issues/84 using a resource called RegionDefaults. this can then by applied to any number of account/region combinations. I also thought about collecting similar settings (region scope) in the same resource. Logically there would also be a resource called AccountDefaults with a collection of settings that make sense to include in org-formation.
Question becomes: Would password policy be an account default? or its own resource?
IAM Alias will not be a default because it will (certainly) change for each account, but Password Policy is likely to be the same.
Another question: Would service limits have their own resource? or would limits be part of the 'account defaults'?
honestly dont know yet. somehow inclined to have Password Policy be part of an AccountDefaults resource and get service limits a resource of their own.
thinking about resource providers in the context of org-formation these resources will be applied to multiple accounts at the same time.
I was thinking of implementing https://github.com/OlafConijn/AwsOrganizationFormation/issues/84 using a resource called
RegionDefaults
. this can then by applied to any number of account/region combinations. I also thought about collecting similar settings (region scope) in the same resource. Logically there would also be a resource calledAccountDefaults
with a collection of settings that make sense to include in org-formation.e.g.
Question becomes: Would password policy be an account default? or its own resource? IAM Alias will not be a default because it will (certainly) change for each account, but Password Policy is likely to be the same.
Another question: Would service limits have their own resource? or would limits be part of the 'account defaults'?
honestly dont know yet. somehow inclined to have Password Policy be part of an AccountDefaults resource and get service limits a resource of their own.
what do you think? thanks