Hierarchy And Inheritance

Single-Level-Org Hierarchy Model

Lifecycle supports this model for releases prior to 156.

In this hierarchy model:

  • The root organization acts as a container for organizations.
  • The organizations act as containers for applications.
  • The root organization has no applications attached to it.
  • Applications can only be attached to a single organization.

N-Level Hierarchy Model (Release 156 and later)

Sonatype Lifecycle supports a multi-level organization hierarchy model (N-level), consisting of a top-level organization (Root Organization) linked with organizations at multiple lower levels.

Using this hierarchy model, you can create a distributed organizational structure for managing Lifecycle applications that mirrors the management hierarchy of your organization's business model. This decentralizes the work of managing Lifecycle policies across the various levels of organizations. With an N-level hierarchy, each organization (business unit) has the flexibility to define context-sensitive policies and enforce the remediation steps that work best for that organization and its applications.


Example 1: An organization can be linked to multiple applications.

Example 2: An organization B.1 can be linked to multiple applications and also to another organization that is itself linked with multiple applications.

Example 3: An organization B.2 can be linked to multiple organizations B.2.1 and B.2.2. These organizations can be directly linked with different applications.

Use case scenarios for using N-Level-Org Hierarchy:

  1. Match the company's organizational hierarchy of different business units
  2. Focus on the risk profile of applications specific to a business unit
  3. Achieve more granular policy management by customizing the policy constraints and conditions at the aggregated level of a specific organization
  4. Decentralize access control to limit the scope of decision-making to certain user groups or business units
  5. Support applications with a microservices-type architecture, so that each service can be developed, deployed and maintained independently

Inheritance

In Lifecycle, inheritance refers to reusing a policy defined at a higher level of the hierarchy. A policy defined at the root level is enforced at all organizational levels. A policy defined at an organizational level is enforced on all organizations and applications linked below it. You do not have to create a policy for every organization or application. Any change to the policy conditions at a higher level in the hierarchy propagates downstream to all inheriting organizations and applications.

We recommend that you use the root organization to set your governance policy that applies globally to all organizations. You can fine-tune policy at the organizational level and allow your applications to inherit those changes.

Related Links:

Refer to Policy Management to create policies that define rules for OSS component usage.

Refer to Override Policy Actions to disable inheritance of certain policy actions at lower levels, without affecting the policy set at higher levels. This gives you more control over policy enforcement for individual organizations or applications.
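The inheritance rules described under Inheritance, together with the per-level disabling of policy actions that the Override Policy Actions link refers to, can be modelled as a small tree walk. The following Python is an example added to this page; it is not Sonatype's code or API. The class names, the policy names, the stage names and the representation of an override as "policy name -> stage -> replacement action (or None to disable)" are all assumptions, and the sample hierarchy reuses the page's organization names B.1, B.2, B.2.1 and B.2.2 as constructed data.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class Policy:
    """A policy with one action per lifecycle stage, e.g. {"build": "warn", "release": "fail"}."""
    name: str
    actions: Dict[str, str]


@dataclass
class Node:
    """One node in the hierarchy: the root organization, an organization, or an application."""
    name: str
    parent: Optional["Node"] = None
    is_application: bool = False
    policies: List[Policy] = field(default_factory=list)
    # Local overrides (assumed representation): policy name -> {stage: replacement action,
    # or None to disable that action at this node and everything below it}.
    overrides: Dict[str, Dict[str, Optional[str]]] = field(default_factory=dict)

    def add_org(self, name: str) -> "Node":
        if self.is_application:
            raise ValueError("applications cannot contain organizations")
        return Node(name, parent=self)

    def add_application(self, name: str) -> "Node":
        if self.is_application:
            raise ValueError("applications cannot contain applications")
        if self.parent is None:
            raise ValueError("the root organization has no applications attached to it")
        # A node has exactly one parent, so an application is attached to a single organization.
        return Node(name, parent=self, is_application=True)

    def lineage(self) -> List["Node"]:
        """Path from the root organization down to this node."""
        path: List["Node"] = []
        node: Optional["Node"] = self
        while node is not None:
            path.append(node)
            node = node.parent
        return path[::-1]

    def effective_policies(self) -> Dict[str, Dict[str, str]]:
        """Policies enforced at this node: inherited top-down, lower-level overrides applied last."""
        effective: Dict[str, Dict[str, str]] = {}
        for ancestor in self.lineage():
            for policy in ancestor.policies:
                # Copy the actions so an override below never mutates the policy where it is defined.
                effective[policy.name] = dict(policy.actions)
            for pname, stage_overrides in ancestor.overrides.items():
                if pname not in effective:
                    continue  # nothing to override: the policy is not inherited here
                for stage, action in stage_overrides.items():
                    if action is None:
                        effective[pname].pop(stage, None)
                    else:
                        effective[pname][stage] = action
        return effective


def build_sample_hierarchy() -> Dict[str, Node]:
    """Constructed sample mirroring the page's examples (organizations B.1, B.2, B.2.1, B.2.2)."""
    root = Node("Root Organization")
    root.policies.append(Policy("Security-Critical", {"build": "warn", "release": "fail"}))
    b = root.add_org("B")
    b1 = b.add_org("B.1")
    b1.policies.append(Policy("License-Copyleft", {"release": "fail"}))
    b2 = b.add_org("B.2")
    b21 = b2.add_org("B.2.1")
    b22 = b2.add_org("B.2.2")
    # B.2.2 disables the release-stage action of the root policy; the root's own policy is untouched.
    b22.overrides["Security-Critical"] = {"release": None}
    nodes = [root, b, b1, b2, b21, b22,
             b1.add_application("app-b1"), b1.add_org("B.1.1"),
             b21.add_application("app-b21"), b22.add_application("app-b22")]
    return {n.name: n for n in nodes}


if __name__ == "__main__":
    tree = build_sample_hierarchy()
    for name in ("app-b1", "app-b21", "app-b22"):
        print(name, "->", tree[name].effective_policies())
```

Because `effective_policies` recomputes the result from the lineage on every call, editing a policy at the root is immediately visible at every descendant, which is the propagation behaviour the Inheritance section describes; an override at B.2.2 only affects B.2.2 and its applications, never the root or its siblings.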