oci-landing-zones
diff --git a/‎CONTRIBUTING.md
Lines changed: 44 additions & 12 deletions b/‎CONTRIBUTING.md
Lines changed: 44 additions & 12 deletions
diff --git a/‎LICENSE renamed to ‎LICENSE.txt
Lines changed: 2 additions & 2 deletions b/‎LICENSE renamed to ‎LICENSE.txt
Lines changed: 2 additions & 2 deletions
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎RELEASE-NOTES.md
Lines changed: 9 additions & 0 deletions b/‎RELEASE-NOTES.md
Lines changed: 9 additions & 0 deletions
diff --git a/‎SECURITY.md
Lines changed: 38 additions & 0 deletions b/‎SECURITY.md
Lines changed: 38 additions & 0 deletions
diff --git a/‎compartments/README.md
Lines changed: 23 additions & 2 deletions b/‎compartments/README.md
Lines changed: 23 additions & 2 deletions
diff --git a/‎compartments/examples/external-dependency/README.md
Lines changed: 1 addition & 1 deletion b/‎compartments/examples/external-dependency/README.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎compartments/examples/vision/README.md
Lines changed: 2 additions & 2 deletions b/‎compartments/examples/vision/README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎dynamic-groups/README.md
Lines changed: 2 additions & 2 deletions b/‎dynamic-groups/README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎dynamic-groups/examples/vision/README.md
Lines changed: 2 additions & 2 deletions b/‎dynamic-groups/examples/vision/README.md
Lines changed: 2 additions & 2 deletions
@@ -1,23 +1,55 @@
-# Contributing to the CIS OCI Terraform Modules
+# Contributing to this repository
 
-*Copyright (c) 2023, Oracle and/or its affiliates.*
+We welcome your contributions! There are multiple ways to contribute.
 
-*Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.*
+## Opening issues
 
-To post feedback, submit feature ideas or report bugs, please use the Issues section in this repository.
+For bugs or enhancement requests, please file a GitHub issue unless it's
+security related. When filing a bug remember that the better written the bug is,
+the more likely it is to be fixed. If you think you've found a security
+vulnerability, do not raise a GitHub issue and follow the instructions in our
+[security policy](./SECURITY.md).
 
-Pull requests can be made under [The Oracle Contributor Agreement](https://oca.opensource.oracle.com/) (OCA).
+## Contributing code
 
-For pull requests to be accepted, the bottom of your commit message must have the following line using your name and e-mail address as it appears in the OCA Signatories list.
+We welcome your code contributions. Before submitting code via a pull request,
+you will need to have signed the [Oracle Contributor Agreement][OCA] (OCA) and
+your commits need to include the following line using the name and e-mail
+address you used to sign the OCA:
 
-```
-  Signed-off-by: Your Name <you@example.org>
+```text
+Signed-off-by: Your Name <you@example.org>
 ```
 
-This can be automatically added to pull requests by committing with:
+This can be automatically added to pull requests by committing with `--sign-off`
+or `-s`, e.g.
 
-```sh
-  git commit --signoff
+```text
+git commit --signoff
 ```
 
-Only pull requests from committers that can be verified as having signed the OCA can be accepted.
+Only pull requests from committers that can be verified as having signed the OCA
+can be accepted.
+
+## Pull request process
+
+1. Ensure there is an issue created to track and discuss the fix or enhancement
+   you intend to submit.
+1. Fork this repository.
+1. Create a branch in your fork to implement the changes. We recommend using
+   the issue number as part of your branch name, e.g. `1234-fixes`.
+1. Ensure that any documentation is updated with the changes that are required
+   by your change.
+1. Ensure that any samples are updated if the base image has been changed.
+1. Submit the pull request. *Do not leave the pull request blank*. Explain exactly
+   what your changes are meant to do and provide simple steps on how to validate.
+   your changes. Ensure that you reference the issue you created as well.
+1. We will assign the pull request to 2-3 people for review before it is merged.
+
+## Code of conduct
+
+Follow the [Golden Rule](https://en.wikipedia.org/wiki/Golden_Rule). If you'd
+like more specific guidelines, see the [Contributor Covenant Code of Conduct][COC].
+
+[OCA]: https://oca.opensource.oracle.com
+[COC]: https://www.contributor-covenant.org/version/1/4/code-of-conduct/
@@ -1,4 +1,4 @@
-Copyright (c) 2023 Oracle and/or its affiliates. 
+Copyright (c) 2023 Oracle and/or its affiliates.
 
 The Universal Permissive License (UPL), Version 1.0
 
@@ -32,4 +32,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+SOFTWARE.
@@ -1,4 +1,4 @@
-# CIS OCI Landing Zone IAM Modules
+# OCI Landing Zones IAM Modules
 
 ![Landing Zone logo](./landing_zone_300.png)
 
@@ -15,7 +15,7 @@ Within each module you find an *examples* folder. Each example is a fully runnab
 
 The modules support being a passed an object containing references to OCIDs (Oracle Cloud IDs) that they may depend on. Every input attribute that expects an OCID (typically, attribute names ending in _id or _ids) can be given either a literal OCID or a reference (a key) to the OCID. While these OCIDs can be literally obtained from their sources and pasted when setting the modules input attributes, a superior approach is automatically consuming the outputs of producing modules. For instance, the [Compartments](./compartments/) module may depend on tags for applying tag defaults. It can be passed a *tags_dependency* map with objects representing tags produced by the [Tags](https://github.com/oracle-quickstart/terraform-oci-cis-landing-zone-governance/tags) module. The external dependency approach helps with the creation of loosely coupled Terraform configurations with clearly defined dependencies between them, avoiding copying and pasting OCIDs.
 
-## CIS OCI Foundations Benchmark Modules Collection
+## OCI Foundations Benchmark Modules Collection
 
 This repository is part of a broader collection of repositories containing modules that help customers align their OCI implementations with the CIS OCI Foundations Benchmark recommendations:
 - [Identity & Access Management](https://github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam) - current repository
 
@@ -1,3 +1,12 @@
+# July 24, 2024 Release Notes - 0.2.2
+## New
+1. [Identity Domains module](./identity-domains/)
+    - Ability to define Identity Domain applications, with support for SAML applications, mobile applications, confidential applications, and the following catalog applications: Oracle Identity Domain, Generic SCIM (Client Credentials), and Oracle Fusion Applications Release 13.
+## Updates    
+1. Auditor policies aligned with documentation.
+2. Aligned [README.md](./README.md) structure to Oracle's GitHub organizations requirements.
+
+
 # April 17, 2024 Release Notes - 0.2.1
 ## Updates
 ### All Modules
 
@@ -0,0 +1,38 @@
+# Reporting security vulnerabilities
+
+Oracle values the independent security research community and believes that
+responsible disclosure of security vulnerabilities helps us ensure the security
+and privacy of all our users.
+
+Please do NOT raise a GitHub Issue to report a security vulnerability. If you
+believe you have found a security vulnerability, please submit a report to
+[secalert_us@oracle.com][1] preferably with a proof of concept. Please review
+some additional information on [how to report security vulnerabilities to Oracle][2].
+We encourage people who contact Oracle Security to use email encryption using
+[our encryption key][3].
+
+We ask that you do not use other channels or contact the project maintainers
+directly.
+
+Non-vulnerability related security issues including ideas for new or improved
+security features are welcome on GitHub Issues.
+
+## Security updates, alerts and bulletins
+
+Security updates will be released on a regular cadence. Many of our projects
+will typically release security fixes in conjunction with the
+Oracle Critical Patch Update program. Additional
+information, including past advisories, is available on our [security alerts][4]
+page.
+
+## Security-related information
+
+We will provide security related information such as a threat model, considerations
+for secure use, or any known security issues in our documentation. Please note
+that labs and sample code are intended to demonstrate a concept and may not be
+sufficiently hardened for production use.
+
+[1]: mailto:secalert_us@oracle.com
+[2]: https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html
+[3]: https://www.oracle.com/security-alerts/encryptionkey.html
+[4]: https://www.oracle.com/security-alerts/
@@ -1,4 +1,4 @@
-# CIS OCI Landing Zone IAM Compartments Module
+# OCI Landing Zones IAM Compartments Module
 
 ![Landing Zone logo](../landing_zone_300.png)
 
@@ -23,7 +23,7 @@ A fundamental principle in using a map of objects is the ability to quickly visu
     - **is_user_required** &ndash; (Optional) Whether the user must provide a tag value for resources created in the compartment.
   - **children**:  &ndash; (Optional) The map of sub-compartments. It has the same structure of the *compartments* map, except for the *parent_id* attribute.  
 
-Note it is possible to apply tag defaults to compartments. Tag defaults are tag values that are automatically applied or required from users on any resources eventually created in the compartments and in their sub-compartments. Use tag defaults to enforce organization wide governance practices in your cloud infrastructure, like automatically applying the cost center identifier to specific compartments. Before using a tag default, a defined tag must be defined in OCI. For configuring tags, you can use the [Tags module in CIS OCI Landing Zone Governance repository](https://github.com/oracle-quickstart/terraform-oci-cis-landing-zone-governance/tags/).
+Note it is possible to apply tag defaults to compartments. Tag defaults are tag values that are automatically applied or required from users on any resources eventually created in the compartments and in their sub-compartments. Use tag defaults to enforce organization wide governance practices in your cloud infrastructure, like automatically applying the cost center identifier to specific compartments. Before using a tag default, a defined tag must be defined in OCI. For configuring tags, you can use the [Tags module in OCI Landing Zones Governance repository](https://github.com/oracle-quickstart/terraform-oci-cis-landing-zone-governance/tags/).
 
 Tag defaults are defined using *tag_defaults* attribute within each compartment in *compartments* attribute. You can have multiple tag defaults in a single compartment. Each tag default requires an immutable key (use an uppercase string as a convention), a tag id (*tag_id*), the default value (*default_value*) and whether or not the value is required from users when creating resources (*is_user_required*). If *is_user_required* is not provided or set to false, the default value is automatically applied upon resource creation.  
 
@@ -154,5 +154,26 @@ For referring to a specific module version, append *ref=\<version\>* to the *sou
 - [Managing Tag Defaults](https://docs.oracle.com/en-us/iaas/Content/Tagging/Tasks/managingtagdefaults.htm)
 - [Tag Defaults in Terraform OCI Provider](https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/identity_tag_default)
 
+## Help
+
+Open an issue in this repository.
+
+## Contributing
+
+This project welcomes contributions from the community. Before submitting a pull request, please [review our contribution guide](./CONTRIBUTING.md).
+
+## Security
+
+Please consult the [security guide](./SECURITY.md) for our responsible security vulnerability disclosure process.
+
+## License
+
+Copyright (c) 2023,2024 Oracle and/or its affiliates.
+
+*Replace this statement if your project is not licensed under the UPL*
+
+Released under the Universal Permissive License v1.0 as shown at
+<https://oss.oracle.com/licenses/upl/>.
+
 ## Known Issues
 None.
@@ -1,4 +1,4 @@
-# CIS OCI IAM Compartments Module Example - External Dependencies
+# OCI Landing Zones IAM Compartments Module Example - External Dependencies
 
 This example shows how to deploy Identity and Access Management (IAM) compartments in Oracle Cloud Infrastructure (OCI) with external dependencies. 
 
 
@@ -1,6 +1,6 @@
-# CIS OCI IAM Compartments Module Example - Vision compartments
+# OCI Landing Zones IAM Compartments Module Example - Vision compartments
 
-This example shows how to deploy Identity and Access Management (IAM) compartments in Oracle Cloud Infrastructure (OCI) for a hypothetical Vision entity. The sample topology is the same one deployed by [CIS Landing Zone Quick Start](https://github.com/oracle-quickstart/oci-cis-landingzone-quickstart). 
+This example shows how to deploy Identity and Access Management (IAM) compartments in Oracle Cloud Infrastructure (OCI) for a hypothetical Vision entity. The sample topology is the same one deployed by [OCI Base Landing Zone](https://github.com/oracle-quickstart/oci-cis-landingzone-quickstart). 
 
 It creates the compartment topology as shown in the picture below:
 
 
@@ -1,4 +1,4 @@
-# CIS OCI Landing Zone IAM Dynamic Groups Module
+# OCI Landing Zones IAM Dynamic Groups Module
 
 ![Landing Zone logo](../landing_zone_300.png)
 
@@ -11,7 +11,7 @@ The module defines a single input variable named *dynamic_groups_configuration*,
    - **default_defined_tags**: defined tags to apply to all dynamic groups, unless overriden by *defined_tags* attribute within each dynamic group object.
    - **default_freeform_tags**: freeform tags to apply to all dynamic groups, unless overriden by *freeform_tags* attribute within each dynamic group object.
 
-Check the [examples](./examples/) folder for module usage. Specifically, see [vision](./examples/vision/README.md) example for the dynamic groups deployed by [CIS OCI Landing Zone Quick Start](https://github.com/oracle-quickstart/oci-cis-landingzone-quickstart).
+Check the [examples](./examples/) folder for module usage. Specifically, see [vision](./examples/vision/README.md) example for the dynamic groups deployed by [OCI Base Landing Zone](https://github.com/oracle-quickstart/oci-cis-landingzone-quickstart).
 
 ## Requirements
 ### IAM Permissions
 
@@ -1,8 +1,8 @@
-# OCI Dynamic Groups Module Example - Vision Dynamic Groups
+# OCI Landing Zones Dynamic Groups Module Example - Vision Dynamic Groups
 
 ## Introduction
 
-This example shows how to deploy Identity and Access Management (IAM) dynamic groups in Oracle Cloud Infrastructure (OCI) for a hypothetical Vision entity. The dynamic groups are the same deployed by [CIS Landing Zone Quick Start](https://github.com/oracle-quickstart/oci-cis-landingzone-quickstart).
+This example shows how to deploy Identity and Access Management (IAM) dynamic groups in Oracle Cloud Infrastructure (OCI) for a hypothetical Vision entity. The dynamic groups are the same deployed by [OCI Base Landing Zone](https://github.com/oracle-quickstart/oci-cis-landingzone-quickstart).
 
 It creates the following dynamic groups as shown in the picture below:
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-# CIS OCI IAM Compartments Module Example - External Dependencies`
	`1`	`+# OCI Landing Zones IAM Compartments Module Example - External Dependencies`
`2`	`2`
`3`	`3`	`This example shows how to deploy Identity and Access Management (IAM) compartments in Oracle Cloud Infrastructure (OCI) with external dependencies.`
`4`	`4`