Create process to actively monitor active mysql grants vs what the grant scripts hold
Open, Needs TriagePublic
Actions

Assigned To

None

Authored By

	Dwisehaupt
	Mar 10 2020, 11:51 PM

Description

With the new check option on the mysql grants scripts, it is possible that we could have an automated process check the active grants and compare them with what is in the scripts. To do this we would need something running in a place with the grant scripts that could also hit the sql ports of the different databases. On the database end, we would need a user that would need select on mysql.* privs.

Given that the check option and pt-show-grants --noheader --flush output the same information, we should be able to collect and diff the output and warn/alert based on the number of changes.

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		Dwisehaupt	T243342 Audit mysql grants and ensure the grant scripts reflect the current reality
		Open		None	T247371 Create process to actively monitor active mysql grants vs what the grant scripts hold

Event Timeline

Dwisehaupt removed Dwisehaupt as the assignee of this task.Mar 10 2020, 11:51 PM

Dwisehaupt created this task.

Dwisehaupt moved this task from Triage to FR-Ops on the Fundraising-Backlog board.

Jgreen moved this task from Triage to Up Next on the fundraising-tech-ops board.Mar 12 2020, 1:22 PM

Dwisehaupt moved this task from Up Next to Backlog on the fundraising-tech-ops board.Apr 17 2020, 8:23 PM

Create process to actively monitor active mysql grants vs what the grant scripts holdOpen, Needs TriagePublicActions

Description

Related ObjectsSearch...

Event Timeline

Create process to actively monitor active mysql grants vs what the grant scripts hold
Open, Needs TriagePublic
Actions

Related Objects
Search...