Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
docker
lib
scripts
spec
.gitignore
COPYRIGHT
Gemfile
Gemfile.lock
LICENSE
README.md
app.yaml
config.yml.sample
deprovision.sh
gam.sh
local-units.sh
run.sh
units.sh
vars.sh.example

README.md

Deprovisioner

An account deprovisioning platform for heterogeneous systems.

Commands

Here is a list of "commands" this tool supports. Some commands might encapsulate other commands.

  • deprovision user account_id - Executes a work-flow with G Suite, Okta and other systems to deprovision a user when they leave the company. This command potentially can execute such a work-flow across heterogenous apps.
  • deprovision users - Run deprovision user for all deprovisionable accounts.
  • get deprovisionable - Produces a list of suspended accounts that were last accessed more than thirty days in the past.
  • get suspended - Produces a list of suspended accounts and the date they were last accessed.
  • clear oauth - Removes OAuth grants from all suspended accounts.
  • clear oauth account_id - Removes OAuth grants from a particular account.
  • unsubscribe groups account_id - Removes account_id as a member of all groups of which it is a member.
  • version - Reveals the version of the Deprovisioner software you are using

Dependencies

Deprovisioner's runtime scripting assumes JRUBY, which is pulled and injected into the container during the build. You may use any Ruby you wish. Deprovisioner's use of Ruby is not complex or exotic so you should not expect compatilibty issues. GAM (Google Apps Manager) version 3.42. This is downloaded and injected into the container during build.

Build

Populate vars.sh according to the template provided in vars.sh.sample. Modify scripts/build.sh for your container registry. Run scripts/build.sh.

Test

Run tests inside the container like this:

docker run -it [your_container_name] /app/units.sh

Use

Once inside the container, you will need to configure GAM to work with your secret keys by running gam info domain and following the prompts. With GAM configured, you will be able to run any of the commands listed above.

Legal

Copyright 2018,2019 Mark D. Richter

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

You can’t perform that action at this time.