This Retool app makes it easy to perform periodic reviews of employee access rights. Navigate the process of preparing data, reviewing access rights, and remediating within an easy-to-use GUI.
Provides an interface to re-evaluate user roles, access privileges, and credentials to mitigate insider threats, prevent insider mistakes, reduce excessive access, and meet compliance requirements such as HIPAA, FedRAMP, SOX, and more. Take actions such as approving or revoking privileges and enter your reasons for doing so. Submit individual changes or update multiple records in bulk.
This repo includes all code needed to source user roles within your Snowflake instance and generate the table schemas that the application attaches to. Once you load this application, you have the ability to modify the source code as you need to align to your own organization’s processes. This repo:
- Provides a schema to use on Snowflake
- Provides a manager review application that implements filtering at the manager level
- An admin application to get started with user and role entry
- A review application to audit manager submissions for super-users and compliance teams
- If you need row-level security reads and writes, talk to your Retool account team
- The template assumes a simple hierarchy (reviewer to employee), however you can customize this by modifying the schema
- These applications are meant to be configurable to meet your needs
Manager Review Portal
The Snowflake User Access Roles Review app depends on the following backend services:
- Snowflake
See the detailed setup guides in the Setup Guides folder.
As an overview, these guides will take you through:
-
Set up Snowflake Step-by-step: Set up Snowflake
-
Set up your Snowflake database as a Resource in Retool Step-by-step: Set up Retool Resource
-
Set up the Retool app file Step-by-step: Set up Retool App
Please open a Github Issue on this repo, and let us know about your interest in contributing! We encourage you to reach out before you get started building to get early feedback.