-
Notifications
You must be signed in to change notification settings - Fork 14
PAW Group Data Format
This application stores its PAW configuration in the security group description that the PAW is directly a member of.
Because of this, do not change the description field that was configured by this app, otherwise you could cause issues with the management of your PAWs.
Order of the description's items does not matter, the below config is displayed in a logical order, but the actual values may be in any order depending on the initialization of features and which order they were turned on.
CommissionedDate=2021-10-02T20:59:41.944Z,Type=Privileged,UserAssignment=12345678-e179-9ed1-79e1-d19e79e1d19e
Expected Data:
The toJSON() output of the Date object that represents the time when the PAW was commissioned.
Description:
This is used to keep track of when a PAW was commissioned. This could be useful for audit, governance or tamper detection.
Example:
CommissionedDate=2021-10-02T20:59:41.944Z
Expected Data:
This is a string that represents the type of PAW that was commissioned.
Description:
When a PAW is commissioned, it can only be commissioned as a specific type of PAW.
This field will be used with the update and deployment engines for manageability.
This field will also be useful for auditing, reporting, and searching.
This field only accepts the following values: Privileged
, Developer
, or Tactical
.
Example:
Type=Privileged
Expected Data:
The GUID of the settings catalog that controls the assignment of user accounts for the specified PAW.
Description:
The settings catalog keeps track of the user accounts that are allowed to log into the PAW.
This property is just a pointer to the relevant settings catalog.
Example:
UserAssignment=12345678-e179-9ed1-79e1-d19e79e1d19e
- Deployment
- Deploy to Azure (todo, Preferred)
- Deploy to Container (todo)
- Deploy to Windows (todo)
- Deploy to Linux (todo)
- Deploy/Run from Source
- Required Graph API Permissions
- Configuration
- Managed Identity
- App Registration (Coming Soon)
- Environmental Variables Reference
- Scope Tag Data Format
- PAW Group Data Format
- Debug Mode (todo)
- Identity Reference (todo)
- Usage
- Architecture Auto Deployment (todo)
- PAW Lifecycle Management (todo)
- Silo Management (todo)
- Configuration Health Check (todo)
- In-app Permissions/RBAC/IAM (todo)
- Updating the App (todo)
- Workflows
- Troubleshooting
- REST API
- Policy List
- Dev Zone
- Troubleshooting (Coming Soon)