florianow
florianow
**What type of PR is this?** > > /kind feature **What this PR does / why we need it**: this PR adds the opportunity to use flatcar container Linux for...
Perhaps it would be more sensible to explore the available built-in roles instead of maintaining custom roles for the CloudFoundation group. The organization hierarchy cannot deploy definition sets due to...
[Privileged Identity Management](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/pim_active_role_assignment) is possible. Could a good fit for our high privileged cloudfoundation-engineers group.
adding a storage alert for the state bucket as an example [storage bucket alert](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/tutorial-log-alert)
Comparison of the two repos on the topic of policy as code and monitoring alerts in the enterpise scale environment with collie [azure-monitor-baseline-alerts](https://github.com/Azure/azure-monitor-baseline-alerts/tree/main) [enterprise-azure-policy-as-code](https://github.com/Azure/enterprise-azure-policy-as-code)
the spoke vnet has no logs similar to those set up in the networking kit. Diagnostic setting could also be switched on. You should also check what else can be...
It would be really cool if collie missed a deployment pipeline. The kits are becoming more and more dependent on each other so that a deployment affects a kit that...
[terraform-azurerm-lz-vending](https://github.com/Azure/terraform-azurerm-lz-vending) can we learn something or copy from that approach to collie hub for the tenant (subscription) provisioning.
[RESOURCE AUTHORIZATION MANAGEMENT](https://cloudfoundation.org/maturity-model/iam/resource-authorization-management.html#open-and-closed-landing-zone-designs) is not part of a kit or buildingblock yet but for deploying tenants necessary.