enterprise/compliance needs? #4722
Comments
rbtcollins
added
feature-request
|
Hi @rbtcollins Thanks for opening the issue here - my apologies it has taken us a while to get back to you. We have already started the work to have mandatory peer reviews - https://www.systeminit.com/blog/opportunity-rebac The work for #2 is underway as well - https://www.systeminit.com/blog/opportunity-management-functions There is another piece of work in the pipeline for an audit history and a blog post and video will come later this week on that We expect these pieces of work to be available at the end of October - the blog posts note the specific details of what they will enable Hope this helps Paul |
|
Hi @rbtcollins I'd like to follow up here to point out that our approval workflows are now live - https://www.systeminit.com/blog/announcing-approval-workflows We are also very close to being able to deliver the management functions work - more on that next week (after the thanksgiving break!) Paul |
Is this issue related to an issue?.
Apologies if I've missed it, but there doesn't seem to be any support for a range of features often needed in high governance environments.
There is 'Enterprise features
Custom authentication, ubiquitous access control, history, etc.' in the roadmap, but it isn't clear what the timeframe for that is.
The specific features I'm interested in are
a) those that prevent the (ab)use of a single compromised browser session (or laptop) from affecting a change to production, or exfiltrating a secret. For instance mandatory peer review before application, and before any dry run which might read-out secret material.
b) dealing with a fleet of similar infrastructure - we have many instances of a single basic infrastructure with some minor variance between them. This is currently managed in terraform by parameterising a root module with a unique state file + parameters that encompass the variation. Its also not clear whether this is (or isn't) on the roadmap today - it seems to be a different dimension of scale to me - one of managing complexity at a higher level than the component model; but perhaps components are the intended solution here?
Describe the outcome you'd like from us
For the governance question, just knowing if it is short-term, medium, or 'eventually' would be great!
For the other one, its more of a discussion, but discussions aren't turned on in Github, and discord isn't indexed, so no-one can learn from the discussion, so I guess we'll see if you'll take it here :).
Describe alternatives you've considered
Not having the feature isn't viable unfortunately. Maybe in a world with no threat actors.
Code of Conduct
Additional context
No response
The text was updated successfully, but these errors were encountered: