
634 points david927 | 5 comments

What are you working on? Any new ideas that you're thinking about?
1. jascha_eng No.41345527
Working on Kviklet: http://github.com/kviklet/kviklet

My first job was in a FinTech and the way production access was managed scared me. This is my approach to streamlining the process. Basically a PR review flow for SQL queries, enforcing the 4-eyes principle so you can never accidentally do a Delete * from users, forgetting the where clause.

replies(2): >>41346226 #>>41350349 #
2. m4tthumphrey No.41346226
This is a very cool idea! I don’t work in a team big enough for this anymore but I would have loved this in previous roles!
replies(1): >>41346441 #
3. jascha_eng No.41346441
Thank you! This was initially a startup idea but it was very hard to sell a cyber security solution with a very bare-bones product to companies large enough to have this problem, because the required features of such large orgs are just too much for such an early stage team.

So I'm now doing it a bit as a side project but I hope to at some point also offer a paid version to fund development long term.

4. elric No.41350349
I'm loving this. This could be generalised to other manual actions as well, e.g. stuff like the K8S API.
replies(1): >>41351928 #
5. jascha_eng No.41351928
Yes, I already thought about this. In theory all "production access", be it ssh, k8s commands, database access of any kind or even a ruby shell, could go through such a flow. It's a bit of a pain to integrate well with everything though, but I have a lot of plans, will just take some time to mature :D
replies(1): >>41365578 #