  • Dan Achin

    1 year ago
    Has anyone here turned query packs into RPMs or other artifacts for distribution and installation? We are thinking we might want to build a query pack pipeline. A primary driver for this would be to allow certain sets of users to create and test packs in non-prod and then push them to prod without needing access to the UI or fleetctl in prod.
  • sundsta

    1 year ago
    We use different instances of Fleet for this. Different hosts are enrolled to the different instances.
  • Dan Achin

    1 year ago
    @sundsta, that's what we are trying to avoid. We want the bare minimum of separation at Fleet itself.
  • sundsta

    1 year ago
    I’m not sure I follow. Wouldn’t the bare minimum of separation from Fleet be no separation at all?
  • zwass

    1 year ago
    Richer authorization for actions within Fleet is fairly top of mind in our roadmap plans. This would allow you to define labels (perhaps manual labels would be best for this particular use case) that users are authorized to take actions against.
  • Dan Achin

    1 year ago
    @sundsta, what I meant was that we only want to separate the Fleet infra if we absolutely must. For example, data from our corporate assets is just too sensitive for most of the company, hence we'll have a separate Fleet infra for those that only our Ops security team will have access to. However, for our production assets, things are much grayer. We are all one Ops org, but we have different business units we support. Are we really OK with Ops from BU A being able to run queries on / see results for systems in BU B? Currently if we wanted to restrict that, we'd need separate Fleet instances.