Currently, while using the Git Integration from Datastage Flow Designer, it is easy for any user to connect to any GitLab repository it had access and upload jobs inside it.
The issue comes when on a Production environment, for example, you can load a job from any GitLab repository without proper surveillance. This can lead to major security issues, since you cannot manage who can upload jobs onto any environment.
|Who would benefit from this IDEA?||Any Datastage Flow Designer user that wants to make use of the Git integration|
How should it work?
There are no current workarounds for this issue.
Proposed solution: Disable the capability to pull assets from GIT in TST, ACC & PRD. Define access controls per user/user group for this functionality:
The benefits of this idea is that the security concern will disappear and this solution can be used globally by ING, since it is a very good implementation and can help a lot of people to make their work much easier.
|Priority Justification||In order to allow the usage of GIT integration in a controlled & secure way, currently it's banned in our company because of the security leaks it exposes|
NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "firstname.lastname@example.org" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions