openziti / edge

Application-embedded connectivity and zero-trust components
Apache License 2.0

emit entity change events #629

Closed Russell-Allen closed 1 year ago

Russell-Allen commented 3 years ago

There is no mechanism that I am aware of for an integration to observe Ziti entities for change (other than polling the controller API).

As an integrator, I'd like to be able to 'subscribe' to receive change events such that whenever an entity matching my subscription is modified (created, updated, deleted), then my integration is notified.

Notification mechanism could be via web socket, web hook, or simply written to a journal file which can be monitored by a co-located process (i.e. filebeat).

Subscription filters: by entity type? include system entities yes/no? by change type (creates y/n, updates y/n, deletes y/n)? I'm not sure if there would need to be some abstract 'level' filter to eliminate noise ... as in, level=primary would only event if an entity's main properties were changed and would ignore noise in tertiary properties.

Ideally the event would contain some form of identifier of who initiated the change as well as an indication of the changed values (plus the obvious entity type and id).

Russell-Allen commented 3 years ago

This is becoming an urgent need.

With the introduction of tunneler-enabled routers, Ziti now creates, updates and deletes Identities and Edge Router Policies on its own. Without change events, any integration platform must constantly poll the controller management API and perform an expensive full scan to compare the platform's version of truth to that of Ziti.
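
The poll-and-compare workaround described in the comment above, sketched as an added example that is not part of the original thread or of the openziti code base. The snapshot shape, the `Change` record, `diff_snapshots` and its `kinds` and `ignore` filters are assumptions made for illustration, the sample entities are constructed, and fetching the snapshots from the controller is not shown.

```python
from dataclasses import dataclass

_MISSING = object()  # distinguishes an absent property from one set to None


@dataclass(frozen=True)
class Change:
    """Hypothetical event shape. There is no initiator field because two
    snapshots cannot show who made a change."""
    kind: str            # "created", "updated" or "deleted"
    entity_type: str
    entity_id: str
    changed: tuple = ()  # names of properties that differ (updates only)


def diff_snapshots(known, polled, kinds=("created", "updated", "deleted"),
                   ignore=frozenset()):
    """Full scan of two {(entity_type, id): properties} snapshots."""
    changes = []
    for key in sorted(known.keys() | polled.keys()):
        old, new = known.get(key), polled.get(key)
        if old is None:
            kind, changed = "created", ()
        elif new is None:
            kind, changed = "deleted", ()
        else:
            names = (old.keys() | new.keys()) - ignore
            changed = tuple(sorted(n for n in names
                                   if old.get(n, _MISSING) != new.get(n, _MISSING)))
            if not changed:
                continue  # only ignored properties moved, or nothing did
            kind = "updated"
        if kind in kinds:  # change-type filter
            changes.append(Change(kind, key[0], key[1], changed))
    return changes


# Constructed sample data: the integration's cached view and a fresh poll.
KNOWN = {
    ("identity", "id-1"): {"name": "router-a", "isAdmin": False, "updatedAt": "t0"},
    ("identity", "id-2"): {"name": "tunneler-b", "updatedAt": "t0"},
    ("edge-router-policy", "erp-1"): {"name": "p1", "updatedAt": "t0"},
}
POLLED = {
    ("identity", "id-1"): {"name": "router-a", "isAdmin": True, "updatedAt": "t1"},
    ("edge-router-policy", "erp-1"): {"name": "p1", "updatedAt": "t1"},
    ("edge-router-policy", "erp-2"): {"name": "p2", "updatedAt": "t1"},
}

if __name__ == "__main__":
    for change in diff_snapshots(KNOWN, POLLED, ignore={"updatedAt"}):
        print(change)
```

Every poll touches every entity in both snapshots, and a change such as the `isAdmin` flip on `id-1` is only seen at the next poll, with no record of who made it.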