starred/the-bastion
1
0
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2026-05-09 08:25:27 +02:00
Code Issues 46 Projects Packages Wiki Activity

[GH-ISSUE #359] Bulk operations on restricted "account*" plugins? #94

New issue
Open
opened 2026-05-07 00:18:46 +02:00 by BreizhHardware · 1 comment
BreizhHardware commented 2026-05-07 00:18:46 +02:00
Owner
Copy link

Originally created by @ldelelis on GitHub (Feb 10, 2023).
Original GitHub issue: https://github.com/ovh/the-bastion/issues/359

A frequent use case on our bastion implementation is to operate on multiple users to update a particular ACL. The way we do it is via looping from a regular shell, accessing a bastion admin user, and updating this ACL with the respective bastion plugin.

I'd like to know if it would be possible to implement a way to bulk these operations into a single accountAddPersonalAccess command. Something like passing --account multiple times, or having a new --accounts option that takes a comma separated list of account names

I understand this is normally an use case for Bastion groups. However, our topology requires that we use individual users for this, so groups are not an option.

Originally created by @ldelelis on GitHub (Feb 10, 2023). Original GitHub issue: https://github.com/ovh/the-bastion/issues/359 A frequent use case on our bastion implementation is to operate on multiple users to update a particular ACL. The way we do it is via looping from a regular shell, accessing a bastion admin user, and updating this ACL with the respective bastion plugin. I'd like to know if it would be possible to implement a way to bulk these operations into a single `accountAddPersonalAccess` command. Something like passing `--account` multiple times, or having a new `--accounts` option that takes a comma separated list of account names I understand this is normally an use case for Bastion groups. However, our topology requires that we use individual users for this, so groups are not an option.
BreizhHardware commented 2026-05-07 00:18:47 +02:00
Author
Owner
Copy link

@speed47 commented on GitHub (Feb 15, 2023):

Hello,

This is also a use case we have from time to time, and the --account A,B,C option is definitely doable.
I'll keep this ticket as a reminder, knowing that it would be useful for others will help me prioritize :)

<!-- gh-comment-id:1431553600 --> @speed47 commented on GitHub (Feb 15, 2023): Hello, This is also a use case we have from time to time, and the `--account A,B,C` option is definitely doable. I'll keep this ticket as a reminder, knowing that it would be useful for others will help me prioritize :)
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
expifix
groupcreate_fix_uid
fix_group_gid_fast
gh-pages
clush
expiration
jsonvalidator
v3.23.01
v3.23.00
v3.22.00
v3.21.00
v3.20.00
v3.19.01
v3.19.00
v3.18.99-rc1
v3.18.00
v3.17.01
v3.17.00
v3.16.99-rc3
v3.16.99-rc2
v3.16.99-rc1
v3.16.01
v3.16.00
v3.15.00
v3.14.16
v3.14.15
v3.14.00
v3.13.01
v3.13.00
v3.12.00
v3.11.02
v3.11.01
v3.11.00
v3.10.00
v3.09.02
v3.09.00-really
v3.09.00
v3.09.00-rc3
v3.09.00-rc2
v3.09.00-rc1
v3.08.01
v3.08.00
v3.07.00
v3.06.00
v3.05.01
v3.05.00
v3.04.00
v3.03.99-rc2
v3.03.99-rc1
v3.03.01
v3.03.00
v3.02.00
v3.01.99-rc4
v3.01.99-rc3
v3.01.99-rc2
v3.01.99-rc1
v3.01.03
v3.01.02
v3.01.01
v3.01.00
v3.00.02
v3.00.01
v3.00.00
Labels
Clear labels   
answered

   
bug

   
documentation

   
enhancement

   
enhancement

   
feature

   
feature

   
kept-open-for-info

   
pull-request
Mirrored from GitHub Pull Request

  
question
No labels
answered
bug
documentation
enhancement
enhancement
feature
feature
kept-open-for-info
pull-request
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/the-bastion#94
No description provided.