Bug 1418216
| Summary: | [RFE] add cluster level permissions on groups and users for pods/containers and images | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Dafna Ron <dron> | ||||
| Component: | UI - OPS | Assignee: | Loic Avenel <lavenel> | ||||
| Status: | CLOSED WONTFIX | QA Contact: | Dafna Ron <dron> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 5.7.0 | CC: | dajohnso, dron, hkataria, jhardy, mpovolny, obarenbo, simaishi | ||||
| Target Milestone: | GA | Keywords: | FutureFeature, UserExperience | ||||
| Target Release: | cfme-future | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | container:rbac | ||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2018-07-01 18:47:19 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | Container Management | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 1246597 [details] screenshot Description of problem: when creating a new role, there is a way to limit the templates and vm's access to user and groups or specific users. This does not exist for containers providers and we have to limit access by tagging specific objects (which is not scalable). Version-Release number of selected component (if applicable): cfme-5.7.1.0-2.el7cf.x86_64 How reproducible: 100% Steps to Reproduce: 1. log in to cfme as admin user 2. navigate to configuration -> access control -> role 3. create a new role 4. there is a scroll for: VM & Template Access Restriction with two options: "only user and group owned" and "only user owned" Actual results: for container providers, we cannot limit permissions to objects in a cluster level and have to add tag restriction per objects Expected results: currently, it is very difficult to manage more accurate permissions to pods/containers and images in a cluster level. Additional info: screenshot.