Compliance Hook for secrets #105

@kwiesmueller

We got secrets that belong to customer system logins where the customer has special NDA and compliance rules.
In some cases, everybody working on the project has to both agree to them and understand them while working on the customer system.
While this is mostly the case at project start, it might happen that new employees or team members start working on it and nobody thinks about this anymore.

To ensure people keep this in mind before gaining access, the feature request would be some kind of action before the secret request gets approved. When creating some secret, it should be possible to add a compliance URL linking to a wiki page or other document.
The user should see (or have to read this) before getting access. The person reviewing the request should have an extra step to acknowledge this as well to prevent "approve and run" actions.
This way we could at least remind people of those rules.

This could work as some kind of hook feature that allows adding actions (like this) on secret access, request and approval.
