Comment by arnvald

10 hours ago

It's all cool as long as you keep all of this up to date, and that requires a lot of scrutiny and discipline.

Once I had to go through a security audit at a job I had. Part of it was to show managing secret keys and who had access to them. And then I realized that the list of people who had access to one key was different than the list of the code owners of the service I was looking at, which was yet different than the list of the administrators of that service. 3 different sources of truth about ownership, all in code, all out of sync.

> 3 different sources of truth about ownership

I see only 1.

Admin, access <> ownership.

  • I always thought of this as authority, accountability, and responsibility of a thing. Ideally one group or person has all three. In practice you’ll have many entities with some combination of the three.

Isn't the point that this is the source of truth?

If someone needs access to a secret, you would implement it in this DSL and commit that to the system. A side effect would run on that which would grant access to that secret. When you want to revoke access, you commit a change removing that permission and the side effect runs to revoke it.
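The grant/revoke side effect described in that last comment, and the out-of-sync ownership lists from the audit story higher up, as an added example that is not any commenter's code. It assumes the access-as-code DSL reduces to a mapping of secret name to the set of principals allowed to read it; the data is constructed.

```python
"""Reconcile declared secret access against live state, and flag
ownership drift between the three lists named in the thread."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Action:
    op: str          # "grant" or "revoke"
    secret: str
    principal: str


def reconcile(desired: dict[str, set[str]], live: dict[str, set[str]]) -> list[Action]:
    """Return the actions that move `live` to `desired`; empty when converged.

    `desired` is what is committed in the repo; `live` is what the secret
    store currently reports. Removing a principal from the commit therefore
    produces a revoke on the next run, which is the revocation path described.
    """
    actions: list[Action] = []
    for secret in sorted(desired.keys() | live.keys()):
        want = desired.get(secret, set())
        have = live.get(secret, set())
        actions += [Action("grant", secret, p) for p in sorted(want - have)]
        actions += [Action("revoke", secret, p) for p in sorted(have - want)]
    return actions


def ownership_drift(secret_access: set[str], code_owners: set[str],
                    admins: set[str]) -> dict[str, set[str]]:
    """Principals present in one source of truth but missing from the others.

    An empty result for every key is what an auditor wants to see; any
    non-empty set is a list that has drifted from the others.
    """
    return {
        "access_without_ownership": secret_access - (code_owners | admins),
        "owners_without_access": code_owners - secret_access,
        "admins_without_access": admins - secret_access,
    }


# Constructed sample data (hypothetical secret names and principals).
DESIRED = {"db/prod-password": {"alice", "bob"}, "api/key": {"carol"}}
LIVE = {"db/prod-password": {"alice", "dave"}, "old/key": {"erin"}}

if __name__ == "__main__":
    for action in reconcile(DESIRED, LIVE):
        print(action)
    print(ownership_drift({"alice", "bob"}, {"alice", "carol"}, {"dave"}))
```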