It would be convenient if the @ops-monitoring-bot could write on tasks restricted to WMF-NDA and acl*sre-team
My usecase is the new sre.network.debug cookbook, that adds debug output to tasks. Unfortunately such tasks are often restricted as they mention 3rd party providers and the Cookbook fails with:
phabricator.APIError: ERR-CONDUIT-CORE: Monogram "T314511" does not identify a valid object.
Of course I understand if it's not safe security-wise.
Opening this task in case we were waiting for a valid usecase before granting such privileges.
Or maybe there is a way to only grant write access with no read access which would mitigate the risk.