Service Control Policies defined in Terraform can be applied to Organization Units and Accounts in organization.yml
.
Organization:
AccountGroups:
- Name: Production
ServiceControlPolicies:
- Name: DisableEURegion
Path: path/to/scp
Type: Terraform
Accounts:
- Email: safety+firmware@example.app
AccountName: Safety Firmware
- Email: safety+ingestion@example.app
AccountName: Safety Ingestion Team
- Name: Development
Accounts:
- Email: eng1@example.app
AccountName: Engineer A
ServiceControlPolicies:
- Name: DisableGPUInstances
Path: path/to/scp
Type: Terraform