GitHub is introducing a new IAM (Identity and Access Management) tool, dubbed entitlements, that leverages the company’s own Git framework to allow purses, tracks, and access to a business system.
The main idea of entitlement is to use a dedicated Git repository as a way to provide a centralized clearinghouse for identity management data and to use pool requests for any changes. Given system.
The use of metadata tags also allows administrators to be gracious in managing access to their systems — long-lasting permissions may be subject to mandatory re-verification, differently tagged users may be granted different rights and privileges, and so on. In addition, the use of Git provides a detailed audit log of the entire process, allowing administrators to track who requested what access and when, when it was granted, and by whom, for example. A detailed list of groups organized by managers, regions, access levels, and more is available for better auditing.
Git has been using the entitlements system internally “for years”, announcing that the entitlements have become open source, according to the company’s official blog post. The system can be used in any Git repository, but with GitHub.com it allows more functionality by using it directly, such as the use of cron work to automate review and auditing tasks, or the use of a business data “true-false” to push. Update the entitlement framework from an org chart.
Moreover, GitHub says, like any good open source project, entitlements are constantly being improved and revisited.
“GitHub uses entitlements every day, an average of about 2,000 commits per month,” the company said in a blog post. “We’re constantly improving the app and exploring ways to make it easier to use. We want to enable others to use what we’ve created for their own IAM needs.”
More information about entitlement systems is available here App repoAnd example configuration and workflow are available here Configuration repo here. GitHub open source two output plugins for entitlements, To manage a GitHub Orgs and team membershipAnd another that Allows companies to create robust audit logs.
Copyright © 2022 IDG Communications, Inc.
