3.3 KiB
2021-W10
2021-03-08 Monday
MEETING IROH Token & Posture work meeting
CLOCK: [2021-03-08 Mon 19:00]–[2021-03-08 Mon 20:32] => 1:32
[2021-03-08 Mon 18:59]
Experience we're trying to reach with Posture.
Martin should feel like a Platform. Selectively select product. Onboard AMP only once for everything.
J: Posture should abide IROH-Auth OIDC to prevent discrepencies
Didi: I would like to separate that.
@Didi:
3 types of UX.
- New user and want to start SecureX. Onboard all modules.
- I am existing user, I have all enabled. I want to turn on Postule and modules inside the suite right now.
- I want to be able to kill my Posture collection. I want to revoke access.
- Monitor the situation of what is happening in my system.
Elias:
- org managing. We're not gonna have Posture to have a separate org management.
Didi:
Back from session. Hacks Millards
IROH-Auth is the authorize source of orgs. Basically session manager able to get identity token. Some org-hint in Okta.
How to integrate Posture in SecureX.
Elias:
Real concern is about webhook integration.
2021-03-09 Tuesday
MEETING CSA Migration check work meeting
CLOCK: [2021-03-09 Tue 06:05]–[2021-03-09 Tue 07:05] => 1:00
[2021-03-09 Tue 06:04]
- ref
2021-03-10 Wednesday
IN-PROGRESS weekly work
CLOCK: [2021-03-10 Wed 15:23]–[2021-03-10 Wed 17:07] => 1:44
[2021-03-10 Wed 15:22]
Done
Meetings:
-
bug fixing due to provisioning API call in PROD
- fix the bug in v1.67; disable provisioning API.
- prevent the provisioning API de delete idp-mappings
-
generic discusion about the goals for the Auth for SecureX
- discussion about moving the org/user management to Okta (I think).
Code:
- Prevent duplicate user creation via the provisioning API (#4930)
- Improve idp-filter message. (#4921)
- Display Org's idp in account selection (#4909)
- provisioning API further protections (#4919)
- Prevent destructive change via Provisioning API (#4900)
- Relax scopes for non activated accounts (#4891)
- Easy fix for a faster test (#4936)
- Delete obsolete files. (#4907)
- Destroy tokyo (#4880)
- Fix reported status due to missing scope. (#4886)
Working
- Improve Selection Page https://github.com/threatgrid/iroh/issues/4918
-
IROH-Auth Session: https://github.com/threatgrid/iroh/issues/4323
- Add/delete cookies during Authentication workflow; https://github.com/threatgrid/iroh/issues/4911
- Checking diff between
uberjar
profile andtest
dependencies version
2021-03-11 Thursday
MEETING weekly with Al! work meeting
CLOCK: [2021-03-11 Thu 18:11]–[2021-03-11 Thu 19:06] => 0:55
[2021-03-11 Thu 18:11]
CSA migration stress
Al
It works very very well. It sells more products.
Push the hole portofolio. Hard for people to enter into the system.
It because more complex. CSA Migration should be fixed. Firewall migration is important.
Production issues. Pressure on the system.
Dates comes from you.