@gitlab-com/business-technology/team-member-enablement
in the issue, with no particular SLA.it-help
in the #it_help channel in slack with a note on why it is urgent.AR-Approval::Manager Approved
on the issue unless the person is:
You don't need manager approval if you are requesting the following:
Please use Teleport to request temporary access to either the Rails console or the database console.
You might already have it: Test if you have a dev account.
You don't need to open an access request for Zendesk light access. Follow the instructions to get access by email
Please use the slack_googlegroup_1password
AR template for any email alias additions or name changes.
There are no restrictions on what can be requested, or how many, but please include a short explanation for the addition or change. Some alias requests may be denied if deemed inappropriate or at the discretion of operations.
While this application automation will take place in Okta, "true" system provisioning and deprovisioning will still need to be manually completed within the impacted systems via an Access Change Request.
It is expected that an access request will be completed as soon as possible (30 day's)
We have a pipeline setup that will automatically close access requests once they are past 30 days (at the time of creation).
This is to reduce stale AR's and clear out the backlog. The exception to this is if an AR has the AccessReview
label, the pipeline will ignore the issue if it has that label.
This pipeline will add a comment on the issue that it is being automatically closed and what the team members should do
if they have tasks remaining.
Currently, the pipeline is scheduled to be run at 09:30 PM on every Friday. It will close all access request issues that are 30 days old.
Please note: This is the first iteration of the AR auto closer. Our team will be working to refine and improve this.
Raise an Access Request specifying which accesses and person needs to be removed