cozystack icon indicating copy to clipboard operation
cozystack copied to clipboard

Published 20 hours ago verified publisher icon aenix-io

RBAC

Open matthieu-robin opened this issue 1 year ago • 3 comments

Users management and restriction per tenant

matthieu-robin avatar Sep 13 '24 04:09 matthieu-robin

Hi @matthieu-robin could you please describe which exactly permissions you want to manage using RBAC model? It would be nice if you can provide user-story: "As Cozystack administrator I want to ..."

Initial design presumed that OIDC users and groups could be assigned per-tenant. And in tenant-configuration you can define which applications with specific values could be deployed.

Would it be enough from your point of view?

kvaps avatar Sep 13 '24 06:09 kvaps

As Cozystack administrator I want to ...

  • Grant access to a final user only to his own tenant
  • Create some roles ( read only, deploy, modify deployed app/service,...)
  • Create users per tenant

Let me know if I'm not clear enough

matthieu-robin avatar Sep 13 '24 07:09 matthieu-robin

Very clear, thank you!

kvaps avatar Sep 13 '24 07:09 kvaps