Epic Goal
...
A VM-Admin expects that a user can only see VM's in certain namespaces (folders) where he has permissions to.
When you work with VMWare a user who does not have permissions do see something, he just does not get any results.
Customer is having shared clusters and cannot restrict on ClusterSet level.
Why is this important?
Standard feature
Scenarios
An Organization defined VM-Admins which should see only what they think is relevant
Acceptance Criteria
...cluster and namespace level rbac needs to be possible
Dependencies (internal and external)
- ...
Previous Work (Optional):
- ...
Open questions:
- …
Done Checklist
- CI - CI is running, tests are automated and merged.
- Release Enablement <link to Feature Enablement Presentation>
- DEV - Upstream code and tests merged: <link to meaningful PR or GitHub
Issue> - DEV - Upstream documentation merged: <link to meaningful PR or GitHub
Issue> - DEV - Downstream build attached to advisory: <link to errata>
- QE - Test plans in Polarion: <link or reference to Polarion>
- QE - Automated tests merged: <link or reference to automated tests>
- DOC - Doc issue opened with a completed template. Separate doc issue
opened for any deprecation, removal, or any current known
issue/troubleshooting removal from the doc, if applicable.
- is related to
-
CNV-51098 Improve user roles and RBAC settings
- New