Question about configuring policy per user vs. cluster #563

brandonkal · 2019-12-06T23:13:20Z

Expected Behaviour

Currently dockerfile functions are allowed universally in the cluster or not. It would be nice to be able to share a cloud while forcing most users to use one of the cluster-approved templates.

Current Behaviour

It's either enabled or not.

Possible Solution

Add a new option "acl". If set, check if the username in the CUSTOMERS file has " dockerfile" listed:

admin-username dockerfile
squire

This solution keeps things simple.

The text was updated successfully, but these errors were encountered:

alexellis · 2019-12-06T23:33:14Z

Can you tell us more about your usecase?

alexellis · 2019-12-06T23:36:34Z

/set title: Question about configuring policy per user vs. cluster

brandonkal · 2019-12-06T23:50:33Z

Sure. I would like to deploy an OpenFaaS cloud cluster where only "admin" users can use the dockerfile template. This allows the admin user to experiment with other workloads while keeping the cluster a little more locked down for standard users to encourage the use of templates.

derek bot changed the title ~~[feature request] dockerfile ACL~~ Question about configuring policy per user vs. cluster Dec 6, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Question about configuring policy per user vs. cluster #563

Question about configuring policy per user vs. cluster #563

brandonkal commented Dec 6, 2019

alexellis commented Dec 6, 2019

alexellis commented Dec 6, 2019

brandonkal commented Dec 6, 2019

Question about configuring policy per user vs. cluster #563

Question about configuring policy per user vs. cluster #563

Comments

brandonkal commented Dec 6, 2019

Expected Behaviour

Current Behaviour

Possible Solution

alexellis commented Dec 6, 2019

alexellis commented Dec 6, 2019

brandonkal commented Dec 6, 2019