-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User groups for credhub cli #19
Comments
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/151939991 The labels on this github issue will be updated when the story is started. |
This issue was moved to cloudfoundry/credhub#20 |
Hi @gdenn - I've moved this issue to the main CredHub repo because the feature requested is part of the access control list functionality that we are working on in the server, not specifically a function of the CLI. |
@danjahner , ok thank you. |
Feature Request
Problem
We access the same credhub with multiple users through the credhub cli. But i don't want everyone to see all the variables in the credhub. E.g. we have credentials only relevant for specific Concourse Pipelines, credentials needed by an Administrator for our bosh deployment or simple credentials that help apps to access their dashboard.
As we are redeploying our bosh from time to time to include new features, it is important to us that the different people can access their passwords without conducting a system administrator.
But on the other hand we don't want to expose all credentials to everyone.
Solution
credhub cli could support different user groups. Each group gets e.g. access to a certain set of credentials that match a prefix. For our Concourse users this prefix would be
/concourse
.With the different user groups i could create user accounts with only the access permissions i am comfortable to give.
best
The text was updated successfully, but these errors were encountered: