Check on revoked users in PE - Githubissues

puppetlabs / puppetlabs-pe_status_check

Self Service Module for Puppet Enterprise

Apache License 2.0

1 stars 33 forks source link

Check on revoked users in PE #154

Closed davidsandilands closed 2 years ago

davidsandilands commented 2 years ago

Use Case

Users can get revoked accidentally and its not noticed until it causes impact due to access failures.

Describe the Solution You Would Like

A status check via task and fact which listed out revoked users would be useful to allow monitoring.

Describe Alternatives You've Considered

I can't think of another way of doing this right now, maybe metrics collector should have this?

Additional Context

Check for revoked users using https://puppet.com/docs/pe/2019.8/rbac_api_v1_user_get_users.html with a filter

MartyEwings commented 2 years ago

While im open to expanding the use case of the module, perhaps into tasks and plans, at the moment the core facts we are implementing are all boolean values. since the number of revoked users is always changing, and we cant subjectively say if the number is too high or too low i don't think we can implement such a check in the current design