Add SCB support for ssh operations #108
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Fix code scanning results and then +1 |
complexsplit
approved these changes
Oct 5, 2021
src/ops/cli/parser.py
Outdated
| @@ -109,5 +109,7 @@ def configure_common_ansible_args(parser): | |||
| help='Ask sudo pass for commands that need sudo') | |||
| parser.add_argument('--limit', type=str, | |||
| help='Limit run to a specific server subgroup. Eg: --limit newton-dcs') | |||
| parser.add_argument('--noscb', action='store_false', dest='use_scb', | |||
| help='Disable use of Shell Control Box (SCB) even it is enabled in the cluster config') | |||
src/ops/cli/ssh.py
Outdated
| '--noscb', | ||
| action='store_false', | ||
| dest='use_scb', | ||
| help='Disable use of Shell Control Box (SCB) even it is enabled in the cluster config') |
src/ops/cli/sync.py
Outdated
| @@ -26,6 +28,8 @@ def configure(self, parser): | |||
| help='Value for remote user that will be used for ssh') | |||
| parser.add_argument('src', type=str, help='Source dir') | |||
| parser.add_argument('dest', type=str, help='Dest dir') | |||
| parser.add_argument('--noscb', action='store_false', dest='use_scb', | |||
| help='Disable use of Shell Control Box (SCB) even it is enabled in the cluster config') | |||
Shell Control Box (SCB) is an activity monitoring appliance from Balabit (now One Identity) that controls privileged access to remote servers. Added support for using ops with SCB for the following operations: ssh, tunnel, proxy, ansible play, run and sync
added 3 commits
October 5, 2021 17:57
amuraru
approved these changes
Oct 13, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Shell Control Box (SCB) is an activity monitoring appliance from Balabit (now One Identity) that controls privileged access to remote servers.
Added support for using ops with SCB for the following operations: ssh, tunnel, proxy, ansible play, run and sync
Motivation and Context
In my organisation using SCB will be mandatory for security reasons and ops-cli is already being used.
How Has This Been Tested?
Used ops-cli with an aws cluster for the following operations:
All operations were tested in each of the following scenario:
Types of changes
Checklist: