Details
-
Documentation
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
Description
Attestation patterns - Nick Roy suggested
- (CH) Attestation on folders that inherits to groups
- (CH) Attestation on reports for a more focused view of authorizations
- Comments:
- If you don’t want the GDG to be a HOW TO, then talking about specific features is not best approach
- Should talk about how to do something generall in Access Governance Universe -not the exact tooling.
- Such as reviewing policy from time to time, using attestation within Grouper
- Would not be step by step, that would be in general Grouper documentation.
- Chris: We should use the word Attestation not the word Review
- Matt: attestation feature targets membership of a group. Group math . Attestation on access control policies group math
- Attestation on Visualization – Chris made a JIRA for that
GRP-2372 - add attestation to access policies OPEN
- End Reference Group and the actual policy
- Group math decisions made by different people than membership decisions
- Some people need to see who comes and goes in a group, but not involved in business process or policy in Grouper
- There are various use cases of where you might need attestation, for example groups for services where you don’t have a good source of institutional record to drive membership.
- Chris: we are collecting future tasks for the GDG. This may not be in scope for this version, given the number of hours allotted for this version of the GDG.
- Summary - this attestation patterns documentation work is for future, after TechEx