Peter Burkholder

Oh, I do that all the damn time. +1. I thought it was just me :-) Thanks for suggesting.

 We'd love to have an update here for our compliance purposes, at the least. Thanks!

Hi again - OWASP ZAP misidentifies this as Medium impact "Format String Error"-type vulnerability, so it would help Stratos customers conform to vulnerability scans by clearing this issue, if you...

sorry to spam you, but I'm obliged to ask this periodically: > Hi again - OWASP ZAP misidentifies this as Medium impact "Format String Error"-type vulnerability, so it would help...

Is there support for generating a CRM via transform for any of these three scenarios: full SSP access, CRM only access, or legacy CRM?

Thanks for the feedback. I have to fetch the policies one-at-a-time because `aws_iam_policies.where(policy_name: /#{s3_iam_pattern}/)` doesn't fetch the actual policies, just the following: `[:policy_name, :policy_id, :arn, :path, :default_version_id, :attachment_count, :permissions_boundary_usage_count, :is_attachable,...

I've created a bucket issue for cloud.gov: https://github.com/cloud-gov/private/issues/440

READMEs should be useful, and in that spirit, it would useful to reference an alternative, if incompatible, approach. I'm for updating the README.

Is there an update here? This has been 📆 for a while now, and implementation would close a compliance concern we're addressing.

Is there any way to log or track number of currently active tokens, or the IPs they're associated with? The ability to flag anomalous behavior here would be a compensating...