Update adminstrator access control document #779
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
vomba
commented
Jan 24, 2024
vomba
commented
- personal data beyond what is necessary for interacting with this Pull Request;
- business confidential information, such as customer names.
cristiklein
requested changes
Jan 25, 2024
There was a problem hiding this comment.
Thank you for picking up this issue!
Could we take this opportunity to also clean up the deprecated usage of the term "super application developer". According to our Glossary, we should aim for something like:
- Application Developers who are Grafana administrators
- Application Developers who are Harbor system administrators
- Application Developers who are Kubernetes admins
| @@ -89,12 +91,12 @@ harbor: | |||
| When OIDC (e.g. DeX) is enabled we cannot create static users using the Harbor web interface. But when anyone logs in via DeX they automatically get a user and we can promote that user to admin. | |||
| Once there is one admin, they can set specific permissions for other users (there should be at least a few users promoted to admins). | |||
|
|
|||
| ## Grafana | |||
| ### Grafana | |||
|
|
|||
| !!!note | |||
| This section assumes that [elastisys/compliantkubernetes-apps/pull/450](https://github.com/elastisys/compliantkubernetes-apps/pull/450) is merged | |||
There was a problem hiding this comment.
This PR is now merged, so we can remove this note.
|
|
||
| ## Users onboarding | ||
|
|
||
| This describes how to create Super application developers |
There was a problem hiding this comment.
We decided some time ago to not use "Super" anymore. (See Glossary / Application Developer.)
Could we take this opportunity to fix this too?
|
|
||
| ### Grafana | ||
|
|
||
| 1. Super application developer logs in to Grafana via OpenID |
There was a problem hiding this comment.
Same comment as above.
|
|
||
| ### Harbor | ||
|
|
||
| 1. Super application developer logs in to Harbor via OpenID |
There was a problem hiding this comment.
Same comment as above.
cristiklein
approved these changes
Jan 29, 2024
Co-authored-by: Cristian Klein <cristian.klein@elastisys.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.