Johannes Passing

@rajat2911, I assume you're asking how that works currently? [This doc](https://github.com/GoogleCloudPlatform/jit-access/wiki/Multi-Party-Approval) has more details: > Multi-party approval is handled on a peer-to-peer basis:: > If two users are granted an...

JIT Groups now [takes a different approach](https://googlecloudplatform.github.io/jit-access/jitgroups-concepts/) and lets you choose which users can request vs. which users can approve requests. For example: ``` # ACL, defines who can view,...

Yes, exactly. For managing short-term privileged access, PAM should be the preferred choice going forward. This project is shifting its focus away from the privileged access use case towards enabling...

Sorry for the delayed response. A MacOS version is currently not planned, see #554 for some more details. But wrapping the MSI as a Chocolately (and/or WinGet) package would definitely...

There are several quotas that implicitly limit the number/frequency of requests: * Cloud Asset API: * _AnalyzeIamPolicy Requests per day_ (applies to the `PolicyAnalyzer` catalog) * _AnalyzeIamPolicy Requests per minute_...

The behvior difffers based on [which catalog you're using](https://googlecloudplatform.github.io/jit-access/configure-catalogs/). * If you use the `PolicyAnalyzer` catalog, the project picker (and underlying `listProjects` endpoint) defaults to only returning projects that the...

You don't need to change any role bindings [when switching catalogs](https://googlecloudplatform.github.io/jit-access/configure-catalogs/). The only significant functional difference between the two is that the `PolicyAnalyzer` catalog supports nested group memberships, while the...

I guess this is resolved? Otherwise please reopen the issue.

> After a request has been approved. When i click on the status of the request through the original email, clicking on "View Request". I am still seeing the message...