35
how do you fix an issue you can't reproduce? a case study
(www.youtube.com)
I'm sure most of us have had to deal with issues reported by end users that we ourselves aren't able to reproduce
This video is an extended case study going through my thought process as I tried to track down and fix a mysterious performance regression which impacted a small subset of end users
I look at the impact of acquiring mutex locks across different threads, identifying hot paths by attaching to running processes, using state snapshot comparisons to avoid triggering hot paths unnecessarily, the memory implications of bounded vs unbounded channels, and much more
tl;dr all the same caveats with self-hosted software apply; don't do anything you wouldn't do with a self hosted database or monitoring stack.
The rules themselves are the same public rules in the IAM docs on AWS, GCP etc., while the collections of these public rules (eg. the
storage_analytics_ro
example in the README) defined at the org level will likely be stored in two ways: 1) in a (presumably private) infra-as-code repo most probably using the Terraform provider or a future Pulumi provider, 2) the data store backing the service which I talk about more below."Who received access to what" is something that is tracked in the runtime logs and audit logs, but as this is a temporary elevated access management solution where anyone who is given access to the service can make a request that can be approved or denied, this is not the right place or tool for a general long-lived least-privilege mapping of "this rule => this person/this whole team".
This is largely up to the the team responsible for the implementation and maintenance, just like it would be for a self-hosted monitoring stack like Prom + Grafana or a self-hosted PostgreSQL instance; you can have your data exposed through public IPs, FQDNs and buckets with PostgreSQL or Prom + Grafana, or you can have them completely locked down and only available through a private network, and the same applies with Satounki.
Yes, yes, yes, yes and yes, though the degree of confidence in each of these depends to some degree on the competence of the people responsible for the implementation and the maintenance of the service as is the case with all things self-hosted.
If deployed in an organization which doesn't adhere to at least a basic least-privilege permissions approach, there is nothing stopping a bad internal actor with Administrator permissions wherever this is deployed from opening up the database directly and making whatever malicious changes they want.