Username: jbennett
Full name: John Bennett
Description
Details
Subject | Repo | Branch | Lines +/- | |
---|---|---|---|---|
adding john bennett to ldap users section | operations/puppet | production | +4 -0 |
Event Timeline
@JBennett: Can you clarify exactly what you need to access on logstash? Do you just need to read files, or administrate the node? I'm not really sure what you want to do there, so not sure what group to put you in.
We'll also need you to comment with a public ssh key. This ssh key should have a passphrase on the private key, and not be used on any other systems. It should be dedicated to Wikimedia production shell, not shared with cloud or anywhere else.
Depending on the access requested, we may have to have it reviewed in our weekly SRE meeting (if it has any sudo access in the request.)
@JBennett: Can you clarify exactly what you need to access on logstash? Do you just need to read files, or administrate the node? I'm not really sure what you want to do there, so not sure what group to put you in.
We'll also need you to comment with a public ssh key. This ssh key should have a passphrase on the private key, and not be used on any other systems. It should be dedicated to Wikimedia production shell, not shared with cloud or anywhere else.
Depending on the access requested, we may have to have it reviewed in our weekly SRE meeting (if it has any sudo access in the request.)
Your Full Name: John Bennett
developer access userid: jbennett
ssh key:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIOdNYh9J4uSm7uuVZG7zttu/9Xtk5IaCPSokdOyhNnAoMBE51mnTZTrGm+SxUTfXs3tniklrn2lZtDDookMOnDFzN/HwhKbw0QEsef9f2hOVj16QLF5jqdZi8Tk/15OOaHJST4/BafT3uFpMnaQLRpApfSYlKvqLxs2cZFLCtfZZ2HscCpNUPpbNLyRg0OcPoFhjui+dnVZJR856L+wStSFv9oUytshOa0/JYd0VMRV78kDcXIKIMbaqufhaMKCel3lA7QnJzQMoTvWY/FB888koHza+si0bzwc/DhQE19kE6Oobu8WabmDwiP3sQyiuc+bEM6Xn3YUer8nnJoBPx john@gpants
Reason: need access to logstash
I need to be able to access logstash to invistigate security incidents. So, i'll similar access to Brian Wolff or Sam Reed.
IRC Update:
John actually needs access to the https frontend, not shell access. So moving from SRE-Access-Requests to LDAP-Access-Requests. Since ldap flags have no waiting period, I'll add @JBennett to the ldap only users section of the admin module and add the proper wmf ldap flag.
Change 430635 had a related patch set uploaded (by RobH; owner: RobH):
[operations/puppet@production] adding john bennett to ldap users section
Change 430635 merged by RobH:
[operations/puppet@production] adding john bennett to ldap users section
Confirmed wikitech account, added to ldap users section of admin module, and added to wmf ldap group.