Security-restricted environments
eladb opened this issue · 2 comments
eladb commented
PR | Champion |
---|---|
# |
Description
- Permission Boundaries
- Bootstrapping Privileges
- Enforcement of policy during synth (aspects?), during deployment (CFN hooks?) and at runtime (AWS Config?)
Progress
- Tracking Issue Created
- RFC PR Created
- Core Team Member Assigned
- Initial Approval / Final Comment Period
- Ready For Implementation
- implementation issue 1
- Resolved
richardhboyd commented
Slightly related to Permissions Boundaries, but I'd also like to see Resource Boundaries. CDK is in a great position to enforce "no EC2 resources may be created" or "no IAM resources may be imported" to accommodate some highly regulated environments.