Closed egallama closed 3 months ago
allowCreatingBot
is there any user group that only have bot usage permission? (no sharing and no creating bot permission, just use the bot that is shared with)
We are seeking your feedback regarding the implementation of this feature. The plan is to allow the control of bot creation permissions through the admin panel, where permissions can be granted to individual users. Technically, this control will be implemented using Cognito user groups. However, due to strict Cognito quota limitations (25RPS), it's hard to include bulk permission assignment in an initial release. With this approach, if we need to continue allowing existing users to create bots, it may require significant operational overhead (since the default will be that bot creation is not allowed, existing users will also be unable to create bots. We will need to grant permissions to existing users individually through the admin panel). Please react with the following: 👍 No issues (plan to proceed with implementation soon) 👎 There are issues (this may delay the release or lower its priority)
I agree with this. However, I would appreciate it if you could provide an option to turn on bulk permission assignment. I don't think there is any problem with turning it on or off using cdk.json or from the screen.
any update on this?
Working on #319
Describe the solution you'd like: I would like to implement controls over the creation and usage of bot functionalities. Specifically, I aim to segregate users into two categories: those who can create bot functionalities and those who can only utilize the bots that have been created.
Why the solution needed: This solution is necessary to ensure controlled access to bot creation features. By segregating users based on their privileges, we can maintain better oversight and security over the bot functionality within our system.
Additional context: At present, we lack the ability to control who can create bot functionalities and who can only use them. Introducing this feature would enhance our system's security and governance, allowing for more effective management of bot-related activities.