Skip to content
This repository has been archived by the owner on Jun 8, 2022. It is now read-only.

Using the OAM to describe resources, how do we implement platform-level authority management #161

Open
CoderPoet opened this issue Aug 6, 2020 · 2 comments
Open

Using the OAM to describe resources, how do we implement platform-level authority management #161

CoderPoet opened this issue Aug 6, 2020 · 2 comments
Labels
help wanted Extra attention is needed

Comments

@CoderPoet
Copy link

Using the OAM to describe resources, how do we implement platform-level authority management?

Previously, we set the Role, bound the corresponding resource, and then bound it to the user through RoleBinding. But now the user is operating on the Component and AppConfig resources, and then the operator is operating on the resources, and the OPERATOR's SA has permissions on those resources, equivalent to all OAM users having permissions on those resources.
@CoderPoet CoderPoet added the help wanted Extra attention is needed label Aug 6, 2020
@prasek
Copy link
Member

prasek commented Aug 7, 2020

/cc @ryanzhang-oss @artursouza @negz

@ryanzhang-oss
Copy link
Collaborator

OPERATOR's SA has permissions on those resources, equivalent to all OAM users having permissions on those resources.

I wonder if you have a more specific example on what is an "OAM user" vs "OPERATOR's SA"?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@prasek @CoderPoet @ryanzhang-oss