external_auth to limit arguments sent to salt modules #20255
Labels
Feature
new functionality including changes to functionality and code refactors, etc.
Milestone
This is a feature request for a finer ACL mechanism in external_auth.
I would like to limit the scope of certain modules, for example, allowing cmd.run but only for certain commands :
or so that some users can apply only certain states :
Right now, the only way to do this in salt (that I can think of) is to add a module that only does that sub part and allow it in external_auth. If anyone can think of another way with the existing code, please suggest it here!
The text was updated successfully, but these errors were encountered: