1. Proposed title of this feature request
Advanced Dev Spaces Authorisation

2. What is the nature and description of the request?
In current scenario anyone who has access to a cluster can create workspace as the current operator automatically allocate authenticated users to one of these roles devspaces-cheworkspaces-clusterrole
devspaces-cheworkspaces-devworkspace-clusterrole

3. Why does the customer need this? (List the business requirements here)
Security impact and no control on who can create workspaces. As of now everyone can create that. Multi tenanted environment customer would like to use Dev Spaces and other operators for different set of users.

4. How would the customer like to achieve this? (List the functional requirements here)
Available as a new feature in Dev Spaces operator. Customer would like to ability to configure CHE cluster CR (custom resource) and specify list of open shift groups that has the capability to create the workspace

5. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
Customer has ROSA cluster with multiple LDAP group mapped to the cluster and they would test how only members of one of the LDAP group can create workspaces.

6. Is there already an existing RFE upstream or in Red Hat Bugzilla?
NA

7. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL8, RHEL9)?
By Q4 2023 Customer is going live with dev workspace so need it before that.

8. Is the sales team involved in this request and do they have any additional input?
YES. 

9. List any affected packages or components.
Dev Spaces Operator

10. Would the customer be able to assist in testing this functionality if implemented?
Yes, customer can upgrade the Dev Spaces operator and test in their test environment