Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
GitLab / Support Operations / 9 Feb 2022
GitLab / Support Operations / 9 Feb 2022
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: Support Ops - Audits - 1Password

Description

Jason Colyer, Support Operations Manager at GitLab, takes us through the audit process for 1Password

A

Greetings all my name is jason carr, I'm support operations manager here at gitlab and today we're going to cover doing audits for one password. So let me share my screen and we will get started.

A

So it's all going to start from the audits. You know project here. What you'll start with is you'll make an issue. So you go to your issues, new issue and you're, going to use the one password template- and um this looks a lot like all the other templates. um It'll tell you what you need to do. So you know put your name here enter the start date enter the quarter, make sure the title is correct, assigned to yourself assigned to your support, operation manager and then complete the audit.

A

Then you have a note section and that's where your actual notes will go and then we've got some of our tagging stuff down here.

A

Now all of this works through the scripts that are in the bin folder this one particularly one password audit script. So um to go over how this works, we're requiring faraday, json, open, uri and yaml. This is mostly for getting the supporting gamma information, so we'll define the get lab, client and a function to get the support team yaml file in its raw format and then parse it using gammel for agents we're just going to set it to the results from the support team animal.

A

This makes it so we only have to make this api call once um from there we're going to run the op list. Users dash dash group equals support and then use jq to map that to just email addresses one password doesn't have an api at this time. You have to use their command line script. So that's what this will do. You'll have to, of course, have that set up the audit readme.

A

uh The audit projects readme covers that or links to where you need to go, but essentially it's going to use json to parse this output, and that will be the users in the group. We set an empty variable for bad users, it's an empty array and then we're going to output our table information.

A

So you know the support team agent name, their gitlab username, the notes, um we'll print out some ljust to get their name and their username and then, if the one info for onepass includes their email, it's just gonna end the table line because there's no action needed. If it's not it's going to output this, not in the one password group, because we need to add them- that's something we have to action on um from. Here we have the allowed users.

A

These are people who have been allowed to access the support, even though they're, not in the support team mammal so from the one password one pass: output we're going to essentially go through it and if they're not it'll, skip the iteration if they're in this allowed user array.

A

Otherwise it's going to add to the bad users array the email address of the person who's there and then, unless the uh count of this array is zero, it's going to output to, let us have another table that tells us this person is in there and they need to be removed.

A

You'll copy all the output from this script and put it into that note section, and then you will go into one passwords, support group and action on what needs to be actioned on um that's all. There really is to it. um It can take a little bit of time, but I found the script normally completes. You know a couple, a couple minutes at max.

A

um If you have any questions, feel free to always reach out. I hope you found this educational and I look forward to seeing you in the next video.