guardian
guardian copied to clipboard
raystack
Guardian is universal data access management tool with automated access workflows and security controls across data stores, analytical systems, and cloud products.
**Summary** For some basic CRUD, ORM is helpful and help us faster in development. However, in our current state of Guardian, there are some cases when using gorm as an...
**Summary** At the moment, guardian policy validation is done on creation. And any testing for the intricate steps require creating a policy and doing the whole appeal flow just to...
**Summary** Currently, almost all of the methods in repository doesn't accept `ctx` while it is necessary to pass so that for one request can share the same context **Proposed solution**...
**Summary** Guardian is currently using `go-sqlmock` to test its store layer and there might be some specific cases that this approach does not cover since we are not testing the...
**Summary** At the moment, for every provider one can configure a set of roles with permission sets. It enables one to control the access roles to which a user can...
**Summary** As a user, they want to raise an appeal for another user in Guardian. This could help the manager/supervisor to raise all access-request for a user and sometimes this...
**Summary** Complex appeal approval flow can't be modelled using policy config YAML file so in that case, Guardian should be able to integrate with existing complex approval flow like `bpmn`....
**Summary** Move AppealConfig from provider config to policy config. Related discussion - https://github.com/odpf/guardian/issues/213 ```yaml appeal: allow_active_access_extension_in: 24h ```