ethyca
Overhaul the Fidesops Tutorial
https://ethyca.github.io/fidesops/tutorial/
I went through the fidesops tutorial as part of the Fidesops 1.3 Checklist https://github.com/ethyca/fidesops/pull/247.
The tutorial isn't great (I wrote it quickly back in Nov 2021, heavily based on building something similar to the script in fidesdemo). We basically step them through creating a script that uses python's requests library to make a series of requests to the Fidesops API to set up all the required config. We then execute a Privacy Request against a toy flaskr app.
Big picture, is this the right way to go about the tutorial? Is creating this script the most effective demo? I wonder if cURL might be more effective. If we did stay with the Python script, the entire narrative around how I explain each step should be overhauled. More context, not just add this function, add that function. It would be useful to add testing it at certain increments so you're confirming piece by piece what you've built because we wait until the end to test it, which makes it tricky to debug.
It seems a little long too - Fidesops has a lot of configuration options - especially around being able to pinpoint very specific data with Policies/Rules/Targets - but this part of the tutorial especially is hard to follow.
It seems a little long too - Fidesops has a lot of configuration options - especially around being able to pinpoint very specific data with Policies/Rules/Targets - but this part of the tutorial especially is hard to follow.
You've hit on a broader problem in general I think, which is something like "how can we best streamline the Fidesops setup for the most common use cases?"
One piece of work we can definitely do towards this is to accept entire Policys as yaml docs. UPDATE: I've made a ticket for that here: https://github.com/ethyca/fidesops/issues/261
that's a good idea! I like the very specific configuration, it's nice that there are so many options, but yes, hard to explain, lots of steps for demos/tutorials.