|
|
|
|
|
|
by russjones
2309 days ago
|
|
|
Thank you Abe! The kind comments are appreciated! So far we have gotten positive feedback. While this feature does not protect against root doing something malicious, it does allow admins to capture what root was doing up until they did something malicious and link that information to an identity (if using SSO). Along with this feature we rolled out a Workflow API [1] that can be used to request role elevation. Once you add in session termination (which we are aiming for in the next release), you will have a powerful set of features that will allow you to start users out with limited access to your cluster with the ability to request more privileges and potentially automatically termination your session (and user) if you're found to be doing some malicious. [1] https://gravitational.com/blog/workflow_api/ |
|
|