-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[META] - Review and Update permissions docs around available services on Nebari #513
Comments
Some permission settings I'd be interested to learn about:
In general, I think we need to use the fine grained permissions to move towards removal of "super admin". To that end, we need to think through all the equivalent permissions required for the individual services. |
Can we also remove the developer and analyst groups. |
As of reference, I am also adding our current docs about the matter: |
Issues from recent demo. Adding There is a permission that was required before I could see dashboards that were shared with me. I thin @marcelovilla said it was |
It seems to be missing a significant factor in our docs regarding a general overview/breakdown of what each permission does and what are their associated roles/scopes:
|
For jhub-apps deployments: The role is under Clients/jupyterhub/Roles/allow-app-sharing-role Note that the "Create App" form allows you to select sharing options even if you do not have permissions to do so. We are working to disable these options if you don't have proper permissions. |
Preliminary Checks
Summary
After the recent update on how permissions are consumed from Keycloak resources to each service, we must ensure our documentation is clear and current.
Steps to Resolve this Issue
...
The text was updated successfully, but these errors were encountered: