Hello Romold,
Here are some ideas:
- We can consider to use Advanced Policy, there we can define a for flexible logic, Setup → Policies → create or edit an Advanced Policy → Policy Rules section → Create New Rule, there we jave several methods, here is a very simple example by using Match List.
- When the logic is more complex, then we can also use Rule, for more complex logic, we can also use a Rule to calculate the PolicyViolation. There is good example regarding the Rule on this compass post.
- Write your own policy executor, as a starting point here is the reference compass post. This is most likely similar to Adanced Policy with Rule implementation.
- In addition, from KOGIT, we have a plugin (KOGIT SOD Matrix Plugin there we not only calculate the SoD Policy in a Matrix strategy but we also have a framework to do “Allow List” which also fix into your scenario.
Hope this helps in your case. Good luck!
Thanks and Regards,
Mike