The Security-Team often benefits from members having administrative access within Phabricator. Currently, only one member of our team (@Reedy) has this access. Per guidance at T331125#8689286, I would like to request Phabricator admin access (or at the very least access to various 2fa lookup utilities) primarily as a backup to @Reedy's access, so that our team can more easily facilitate various requests. I'm already WMF-NDA via my current employment at the WMF and already have acl*security access. I've added my current manager (@Jcross) for any additional approvals. Thanks.
On T306708#8661705 you said your team can't handle 2fa reset requests while on this ticket you request admin access to handle 2fa requests. This is confusing me a bit.
The confusion might be that T306708 deals with more comprehensive management of various 2fa processes for the totality of Phabricator (i.e. a policy with resources and ownership). This request, as it pertains to T331125#8689286, is more about improving the Security-Team's ability to manage the 2fa components of Phabricator security access requests, and related administrative processes. Though I would likely be happy to assist, on occasion, with more general 2fa management processes within Phabricator, I cannot commit to that level of effort for this request.
Handling Phab 2FA reset requests (T306708) is about a better process to verify request, and the resetting itself requires shell access.
This ticket is about allow more Security folks to check in the Phab UI if an account has set up 2FA (before the account gets access to restricted tasks). Different things.
AFAIK there is no defined process how to handle admin requests, thus adding RelEng for input/approval
Ping @thcipriani @brennen et al to see if there are any objections to this request. Thanks.
@Aklapper - seems like there are no objections here, with at least one blessing from the Release-Engineering-Team?
Mentioned in SAL (#wikimedia-releng) [2023-03-20T21:43:25Z] <brennen> phabricator: setting sbassett to administrator per T331928