Observations
One of the pillars of Cloud Governor is the continuous observation of the target systems.
Governor Observer's mission is to "observe/request" the current status of your environment and put it into manageable "entities/objects" to work with.
Basically "Governor Observer" checks a dedicated queue "observation-orders" for observation orders and produces one or many results, storing them in the "observation-results" queue.
When the observation results are processed by Governor Engine the object becomes "Governed".
As each target system can be managed by different "scripts", we can bind these scripts in the file "scriptbinding.json" below "observer\config" folder.
Observation types can be "List" or "Object"
List Observation
It performs a script to get "all" objects of specific type in the target system. For example all Users. List observation can use "delta" flag to reduce the amount of results.
If delta is true it will ask for all new or mofified objects since last List observation.
Object Observation
From "governed" object we can request specific observation, Governor Observer will ask only for the status of this specific object.
Components of Governor Observer
Observation queues
| Queue | Description |
|---|---|
| observation-orders | Dedicated queue for on-demand requests |
| observation-orders-bg | Dedicated queue for system requests, like delta observation, expired objects, etc. |
| observation-results | Dedicated queue to store observation results to be processed by Governor Engine |
Scripts
Powershell scripts to perform the action requested and return the results
Scriptbinding.json
JSON file to tell Governor Observer which script should be executed per requested action .
Sample
{
"ScriptBindings": {
"Observations": {
"AzureADUser/List": {
"Observer": "./scripts/Observers/xAzureADUserObserver.v2.ps1",
"Action": "List"
},
"AzureADUser/Object": {
"Observer": "./scripts/Observers/xAzureADUserObserver.v2.ps1",
"Action": "Object"
},
"ExoUser/List": {
"Observer": "./scripts/Observers/xExoUserObserver.v2.ps1",
"Action": "List"
},
"ExoUser/Object": {
"Observer": "./scripts/Observers/xExoUserObserver.v2.ps1",
"Action": "Object"
}
}
}