oam-kubernetes-runtime icon indicating copy to clipboard operation
oam-kubernetes-runtime copied to clipboard

Published 20 hours ago verified publisher icon crossplane

Using the OAM to describe resources, how do we implement platform-level authority management

Open CoderPoet opened this issue 5 years ago • 2 comments
trafficstars

Using the OAM to describe resources, how do we implement platform-level authority management?

Previously, we set the Role, bound the corresponding resource, and then bound it to the user through RoleBinding. But now the user is operating on the Component and AppConfig resources, and then the operator is operating on the resources, and the OPERATOR's SA has permissions on those resources, equivalent to all OAM users having permissions on those resources.

CoderPoet avatar Aug 06 '20 02:08 CoderPoet

/cc @ryanzhang-oss @artursouza @negz

prasek avatar Aug 07 '20 00:08 prasek

OPERATOR's SA has permissions on those resources, equivalent to all OAM users having permissions on those resources.

I wonder if you have a more specific example on what is an "OAM user" vs "OPERATOR's SA"?

ryanzhang-oss avatar Aug 12 '20 22:08 ryanzhang-oss