Governance rules at the organization level
Would it be possible to be able to set up governance rules at the organization level in order to control certain configuration elements.
Control authorized providers and regions for an organization to prevent creation of cluster in unauthorized regions. (We must keep the data in Canada for some of our databases)
Check the allowed IP (IP Access List) addresses
Disable the use of SCRAMS accounts for database access.
Control the "Data Explorer" functionality at the organization level to prevent its activation at the project level.
Totally agree and a bigger customer of us would like to have that governance options as well. Not only on organization level but also on project level.
Another function desired would be to limited the cluster sizes available. Saying if you want to set up a >M40 cluster for the first time the user needs to request permission at the DBaaS team.
If we made it possible to alert on actions or deployments that meet or exceed certain criteria, would that offer a helpful mitigating control?