✅ Granular RBAC on Instance Actions

Ideas
, , ,
1

Headline:
Granular RBAC on Instance Actions to restrict users to more basic functions.

Description:
Would like to be able to restrict actions from the Instance > Actions and Server > Actions dropdown within the UI. Right now the access is full or none for the bulk of actions.

Example/Use case(s):

  1. Specific users should be able to reconfigure, and power on / off but not run tasks
  2. Specific users should be able to run a subset of tasks/workflows on servers only. Operational type tasks and workflows should be hidden.
  3. Specific users should not have the ability to add node
1 Like
2

For now our main use cases would be to allow/deny a user separately (in order of priority):

  • Power Cycle (Start, Stop, Restart)
  • Reconfigure
  • Delete
  • Edit
2 Likes
3

Thank you for the additional input @marcel.rummens! Quick question. Are you looking to simply hide the Edit/Delete/Power Cycle? Or are you looking for granular tasks within those functions.

Also, do delayed deletion policies solve the ask about Delete?

4

We actually want them (Power, Delete, Reconfigure etc.) to be displayed instead of hidden. Our use case is that we want to hide the Create/Add Instance Button/Wizard but retain the above buttons. So maybe it would also be sufficient is we split the roles like this:

  • Add
  • Actions
  • Delete

Then we have the main life cycle elements covered.

5

@cbunge Any news here?

6

Hi @marcel.rummens we have this on our priority list awaiting an assigned estimate release.