Update adminstrator access control document

[cristiklein]

Update this page to reflect how exactly access is being given to the super application developer and developers.

Notes from a previous meeting:

How are the Grafana roles used?

• Overall mapping of Grafana roles:
  • Grafana admin: super application developer (configured by the admin)
  • Grafana editor: application developer (configured by the super)
  • Grafana viewer: any OpenID user
• Onboarding process:
  • Super application developer logs in to Grafana via OpenID
  • Administrator logs in to Grafana via static admin user
  • Administrator promotes OpenID user to Grafana admin

How are OpenSearch roles user?

• Configured via sc-config.yaml
• Overall mapping:
  • dashboards_admin: administrator
  • dashboards_dev: Application developer
  • (OpenSearch lacks a notion of super application developer.)

How are Harbor roles used?

• Pretty much like Grafana
• Onboarding process:
  • Super application developer logs in to Harbor via OpenID
  • Administrator logs in to Harbor via static admin user
  • Administrator promotes OpenID user to Harbor admin