Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more safeguards - esp. the low-hanging fruit #98

Open
shreyb opened this issue Jan 23, 2025 · 1 comment
Open

Add more safeguards - esp. the low-hanging fruit #98

shreyb opened this issue Jan 23, 2025 · 1 comment
Labels
enhancement New feature or request future Issues that may be worked on in the future

Comments

@shreyb
Copy link
Collaborator

shreyb commented Jan 23, 2025
edited
Loading

@LTrestka set up this nice SafeguardDCS class, to which we've added only one method - createUser. We should think of other safeguards (like deleteUser?), and add them, especially if they're low-hanging fruit we know we shouldn't allow this CLI to run.

@LTrestka , @cathulhu - does this sound like a good next-meeting topic?
@shreyb shreyb added enhancement New feature or request future Issues that may be worked on in the future labels Jan 23, 2025
@shreyb
Copy link
Collaborator Author

shreyb commented Feb 4, 2025

We can get more of these from the ferry task list (maybe Lisa has it).

APIs to not run:

  • deleteUser
  • More to come

Another idea:

  • Have middle ground where tool asks for verification (Y/N)
  • Then next step would be adding SNOW API call to verify that a ticket was filed to do the action requested, and it called this API, but failed
  • Final version would make this functionality a plugin, of which the SNOW API call would be an example implementation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request future Issues that may be worked on in the future
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shreyb