search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
3.16k stars 433 forks source link

Per Policy option to hide Policies from Fleet Desktop Policy view #21597

Open nonpunctual opened 3 months ago

nonpunctual commented 3 months ago

Problem

Currently, all Policies in Fleet assigned to an end user Host on a Team appear in Fleet Desktop.

Screenshot 2024-08-27 at 12 05 10 PM

What have you tried?

N/A

Potential solutions

Customers have raised the option of only presenting Policies to end users that can be self-remediated. Admins also may want to arbitrarily withhold Policies from this view.

Fleet is designed with end user transparency in mind, but, there are organizations whose relationship with end users is intentionally not as transparent as others to meet SLAs or internal security requirements.

What is the expected workflow as a result of your proposal?

Fleet admins should be able to, on a per Policy basis, determine if a Policy is visible to the end user in the Fleet Desktop app or not.

noahtalerman commented 3 months ago

Thanks for tracking this one @nonpunctual!

What's a that prospect-redwine wants to show to the end user and thus ask them to self-remediate?

What's a policy that they don't want to show the end user?

JoStableford commented 2 months ago

Related to a Slack conversation

zayhanlon commented 2 months ago

@nonpunctual i think we have a good understanding of the ask here but i'm removing this from feature fest as we don't have capacity to take it on for the next sprint. can you tag me back in if it becomes workflow blocking? thanks! @dherder fyi