Restrict Elevated Permissions to Specific Infra Groups

Summary:
The customer has reported an issue where users with elevated permissions assigned to a specific infrastructure group in PCE inadvertently gain these permissions globally if they are also members of another group (e.g., Global Read).

Objective:
Ensure that elevated permissions remain strictly confined to the designated infrastructure group, preventing unintended inheritance in the production environment.

Acceptance Criteria:

  • Elevated permissions must be restricted to the assigned infrastructure group.
  • Users in other groups (e.g., Global Read) should not inherit these permissions globally.

Functional Requirements:

  • Elevated permissions should apply only to the designated infrastructure group.
  • There should be no unintended propagation of these permissions to users belonging to other groups.

This enhancement aims to maintain access control integrity and prevent privilege escalation beyond the intended scope.
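
Added example (not PCE code and not taken from the customer report): a minimal Python model of scoped role assignments that turns the acceptance criteria into a runnable check. The role names, group names, `GLOBAL` marker and the "flattened" evaluation are assumptions, showing one way a scoped elevated role can leak when a user also holds Global Read; the actual cause in the product is not stated above.

```python
from dataclasses import dataclass

GLOBAL = "*"  # constructed marker meaning "all infrastructure groups"

@dataclass(frozen=True)
class Binding:
    role: str    # "read" or "elevated" (names constructed for this example)
    scope: str   # an infrastructure group name, or GLOBAL

# Constructed role-to-permission map.
ROLE_PERMS = {
    "read": {"view"},
    "elevated": {"view", "modify"},
}

def allowed_flattened(bindings, action, group):
    """Flawed model: roles and scopes are merged independently, so the
    widest scope from any binding is paired with the strongest role."""
    perms = set().union(*(ROLE_PERMS[b.role] for b in bindings))
    scopes = {b.scope for b in bindings}
    return action in perms and (GLOBAL in scopes or group in scopes)

def allowed_per_binding(bindings, action, group):
    """Confined model: an action is allowed only if one single binding
    grants both the permission and a scope covering the target group."""
    return any(
        action in ROLE_PERMS[b.role] and b.scope in (GLOBAL, group)
        for b in bindings
    )

# Constructed user: elevated on one infrastructure group, plus Global Read.
USER = [Binding("elevated", "infra-a"), Binding("read", GLOBAL)]

def acceptance_report(check):
    """Evaluate the acceptance criteria against a given check function."""
    return {
        "modify_in_assigned_group": check(USER, "modify", "infra-a"),
        "modify_in_other_group": check(USER, "modify", "infra-b"),
        "view_in_other_group": check(USER, "view", "infra-b"),
    }

if __name__ == "__main__":
    print("flattened  :", acceptance_report(allowed_flattened))
    print("per-binding:", acceptance_report(allowed_per_binding))
```

Only `modify_in_other_group` differs between the two models, which makes it the case a regression test for this enhancement has to cover.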