Restricted API keys - Githubissues

balena-io / open-balena

Open source software to manage connected IoT devices at scale

https://balena.io/open

GNU Affero General Public License v3.0

1.04k stars 164 forks source link

Restricted API keys #182

Closed TimoAtMUV closed 5 months ago

TimoAtMUV commented 8 months ago

An API token for the Balena cloud is very powerful and anyone who has the API key can have a big impact on devices, e.g. update all environment variables of all devices, it would be great if we could restrict an API key to a subset of fleets.

This would make development cycles much more secure. => Limit an API key to a staging fleet.

fisehara commented 5 months ago

@TimoAtMUV Yes this is a valid request. This issue should be located at https://github.com/balena-io/open-balena-api/issues as this is the place where the API keys are managed. Right now the open-balena-api is not supporting (fleet) scoped API keys. Eventually this feature will be implemented.

TimoAtMUV commented 5 months ago

Thank you for the response, I close it and open a new Issue at https://github.com/balena-io/open-balena-api/issues