meshcloud
Multi-cloud user off-boarding
Is your feature request related to a problem? Please describe. As @tfelix found out, it looks absolutely horrible to offboard users in AWS. We could automate this and also do it simultaneously for the other cloud platforms too.
Reach of the feature request Platforms operators working with AWS (haven't checked Azure & GCP, but it cannot be easy)
Impact of the feature request Without a nice automation, you have to write a fairly long script for deleting a user including the user's various properties such as keys, CLI profiles, and more.
How would a solution look like?
collie user offboard [email protected]
Take inspiration from: https://github.com/meshcloud/infrastructure/pull/35
(It's a closed repo from meshcloud)
(optional) Implementation Hints Have a look at the mentioned PR above.
Also there is a AWS SSO user over there. keep it in mind 👍
E.g for our env Azure SCIM replication only disables the users and not removing them. FunFact: We were talking about removing these replicated users because it can be an issue later because of data protection laws(even if you remove them from Azure Active Directory, these replicated datas will be stay on AWS SSO forever). Probably we will remove them via our replicator or smth later however other people can also need something like this anyway
ps: AWS SSO API is really bad. good luck with that 😄 On the other hand SCIM integration can be so powerful even someone can add(provision) a new user like this but im not sure that can be overkill :)
Adding a link to https://github.com/meshcloud/collie-cli/commit/c5899c7cd7c38d83cea442ce0d4f316a5def9338 here where @tfelix did a PoC implementation of this for AWS
Closed due to lack of community interest - feel free to revive discussion at https://github.com/meshcloud/collie-cli/discussions