Hi everybody,

The Analytics team is trying to simplify the access request process to the stat100x clients to avoid, as much as possible, confusion for the user requesting access or for the SRE reviewing the access request. The following is happening: * analytics-users and researchers POSIX group are being deprecated in https://phabricator.wikimedia.org/T269150 and https://phabricator.wikimedia.org/T268801. They are used only by few users and they are not needed anymore nowadays. To be clear, we are not trying to deprecate the Research team, we love them :) * analytics-privatedata-users becomes the standard POSIX group to access the stat100x hosts and the Hadoop cluster. A user will be able to require only membership to the group (granting access to the stat100x hosts plus some PII data like the one on Mariadb Wiki-replicas etc..) or also to request the additional Kerberos account, to have access to Hadoop's PII data too (and compute power).

The main idea is to shift the focus of the user requesting access to the fact that they will be exposed to PII data in some form, so careful steps will need to be taken (see https://wikitech.wikimedia.org/wiki/Analytics/Data_access#User_responsibilit... ).

As always, feedback and suggestions are welcome!

Luca (Analytics team)