Governance in StackGen

For Platform and DevOps Engineers

Overview

The governance process in StackGen begins with defining policies, where governance rules are defined and validated. These policies are then assigned to specific teams or appStacks to ensure targeted enforcement. Compliance is maintained through automated validation, continuously checking infrastructure against governance standards. When deviations occur, remediation steps are initiated, offering automated suggestions to restore compliance and uphold governance requirements.

Governance Lifecycle

Governance Workflow

Governance in StackGen consists of three key steps: Governance Configuration, Governance Assignments, and Custom Policies. Together, these steps let you enforce access control, security, and compliance, ensuring that your teams can collaborate effectively within well-defined governance boundaries.

Steps | Description
Governance Configuration
  • Define a set of custom policies that regulate infrastructure resource usage.
  • Can be assigned at the team level.

For example, restrict users within a team to creating appStacks on the AWS cloud.

Governance Assignments
  • Assign governance configurations to teams or appStacks.
  • Enforce security, compliance, and operational policies automatically.

For example, ensure that developers creating an appStack have a restriction on the number of resources they can add to the infrastructure.

Custom Policies
Assign custom policies to appStacks, such as:
  • Custom IAM Policies
  • Resource Restriction Policies
  • Resource Mapping / Override Policies
  • Resource Security Policies
  • Resource Pack Policies

Refer to the CLI Guide to learn how to sideload these policies into StackGen.

Next: Let's understand each of these one by one.