arnvald 8 hours ago

It's all cool as long as you keep all of this up to date, and that requires a lot of scrutiny and discipline. Once I had to go through a security audit at a job I had. Part of it was to show managing secret keys and who had access to them. And then I realized that the list of people who had access to one key was different from the list of the code owners of the service I was looking at, which was yet different from the list of the administrators of that service. 3 different sources of truth about ownership, all in code, all out of sync.
Philip-J-Fry 6 hours ago | parent | next

Isn't the point that this is the source of truth? If someone needs access to a secret, you would implement it in this DSL and commit that to the system. A side effect would run on that which would grant access to that secret. When you want to revoke access, you commit a change removing that permission and the side effect runs to revoke it.
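The reconcile loop Philip-J-Fry describes (committed declaration as the source of truth, side effect grants and revokes until the backend matches) is also the check that would have caught the drift arnvald found. Below is an added example, not code from this thread or from any product it discusses: a planner that diffs the declared access against what the secret store reports and emits the grant/revoke actions needed to close the gap. The DSL shape (`service -> secret -> set of principals`), the sample data and the `apply` stand-in for the backend side effect are all constructed assumptions for illustration.

```python
"""Reconcile declared secret access against the live state of a secrets backend.

Added example (not code from the thread or any product it discusses). The DSL
shape, the sample data and the backend stand-in are assumptions made for
illustration; a real system would read the committed config from the repo and
the live state from the secret store's API.
"""
from dataclasses import dataclass

# Constructed sample of the committed source of truth: service -> secret -> principals.
DECLARED = {
    "billing-api": {
        "db-password": {"alice", "bob"},
        "stripe-key": {"alice"},
    },
}

# Constructed sample of what the secret store currently reports (it has drifted).
LIVE = {
    "billing-api": {
        "db-password": {"alice", "carol"},   # carol was granted out of band
        "stripe-key": {"alice", "bob"},      # bob's access was never revoked
        "legacy-token": {"dave"},            # secret that is not declared at all
    },
}


@dataclass(frozen=True, order=True)
class Action:
    op: str        # "grant" or "revoke"
    service: str
    secret: str
    principal: str


def plan(declared, live):
    """Return the sorted grant/revoke actions that move `live` to `declared`.

    Anything present in live but absent from declared is revoked, so access
    granted outside the committed config does not survive the next run. An
    empty plan means the two sources agree; a non-empty one is a drift report.
    """
    actions = []
    for svc in set(declared) | set(live):
        want = declared.get(svc, {})
        have = live.get(svc, {})
        for secret in set(want) | set(have):
            w = want.get(secret, set())
            h = have.get(secret, set())
            actions += [Action("grant", svc, secret, p) for p in w - h]
            actions += [Action("revoke", svc, secret, p) for p in h - w]
    return sorted(actions)


def apply(actions, live):
    """Apply actions to a copy of `live`; stands in for the backend side effect."""
    state = {s: {k: set(v) for k, v in m.items()} for s, m in live.items()}
    for a in actions:
        bucket = state.setdefault(a.service, {}).setdefault(a.secret, set())
        if a.op == "grant":
            bucket.add(a.principal)
        else:
            bucket.discard(a.principal)
    # Drop secrets with no principals left so the result has the declared shape.
    for svc in list(state):
        state[svc] = {k: v for k, v in state[svc].items() if v}
        if not state[svc]:
            del state[svc]
    return state


if __name__ == "__main__":
    for a in plan(DECLARED, LIVE):
        print(f"{a.op:6} {a.principal:6} -> {a.service}/{a.secret}")
```

Run on the constructed data the plan grants bob on `db-password` and revokes carol, bob (on `stripe-key`) and dave; applying it makes the live state equal the declaration, and a second run produces an empty plan. The same diff, run on a schedule without applying it, is the audit evidence arnvald was looking for: every non-empty plan is a list of principals whose access disagrees with the committed owner list.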
chrisjj 7 hours ago | parent | prev

> 3 different sources of truth about ownership

I see only 1. Admin, access <> ownership.