As an administrator of the registry, I don't want ENG operator loading data to have administration authorizations

NASA-PDS / registry

PDS Registry provides service and software application necessary for tracking, searching, auditing, locating, and maintaining artifacts within the system. These artifacts can range from data files and label files, schemas, dictionary definitions for objects and elements, services, etc.

https://nasa-pds.github.io/registry

Apache License 2.0

2 stars 2 forks source link

As an administrator of the registry, I don't want ENG operator loading data to have administration authorizations #309

Open tloubrieu-jpl opened 1 month ago

tloubrieu-jpl commented 1 month ago

💡 Description

We need to have 2 distinct groups for ENG node:

admin: authorized to create indexes...
operator: only read/write in the en-* indexes

⚔️ Parent Epic / Related Tickets

No response

sjoshi-jpl commented 1 month ago

We can have a PDS_ADMIN_USERS and PDS_ENG_USERS, both tied to different IAM roles. The ENG IAM role will only have read/write access to en-* indexes.