Automatic access request support for tsh db login and tsh db connect and tsh proxy db#39156
Merged
Automatic access request support for tsh db login and tsh db connect and tsh proxy db#39156
tsh db login and tsh db connect and tsh proxy db#39156Conversation
greedy52
added
tsh
greedy52
force-pushed
the
STeve/34517_tsh_auto_db_request
branch
from
d4f85a1 to
1fa3c7e
Compare
smallinsky
reviewed
Mar 12, 2024
smallinsky
approved these changes
Mar 12, 2024
marcoandredinis
approved these changes
Mar 13, 2024
| proxyDB.Flag("labels", labelHelp).StringVar(&cf.Labels) | ||
| proxyDB.Flag("query", queryHelp).StringVar(&cf.PredicateExpression) | ||
| proxyDB.Flag("request-reason", "Reason for requesting access").StringVar(&cf.RequestReason) | ||
| proxyDB.Flag("disable-access-request", "Disable automatic resource access requests").BoolVar(&cf.disableAccessRequest) |
Contributor
There was a problem hiding this comment.
In another PR I suggested a different flow for dealing with automatic access requests.
You can see it here: #39003 (comment)
That PR is not merged yet, but because of another reasons.
However, I think my suggestion applies here.
What do you think about it?
Contributor
Author
There was a problem hiding this comment.
Hi Marco. It's a good suggestion but I think consistency is more important. If it's going out soon, I can switch to request-mode. I can wait a few days and check the progress on that PR.
Otherwise, I would prefer getting this in first and coming back to it and implementing the similer role request for db access after that PR is in (and adding the new mode).
public-teleport-github-review-bot
Bot
removed request for
GavinFrazar and
tigrato
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implements #34517
changelog: added automatic access request support for
tsh db loginandtsh db connectandtsh proxy dbSample Test Setup:
requesterrole, give somedb_usersanddb_namesto user traits.tshas the new usertsh db lsshould be empty. Find databases withtsh request search --kind=dbtsh db connect --db-user <db-user> <db>