New CF RBAC space-scoped granular roles

[piyalibanerjee]

Proposal ACCEPTED

Proposal Name

New CF RBAC space-scoped granular roles

TL;DR Summary

As a CF space manager, I want to have fine-grained control on the authorizations of my space users, so that I can grant only the actually required authorizations and thus avoid issues like leakage of credentials, unauthorized access to critical data, corruption of data by mistake (e.g. deletion of service instances).

Proposed role(s): Space operator (name still being decided)

• Can display action logs
• Can start, stop and restart applications
• Can view lifecycle events for application
• Can read, bind and unbind service instances
• Can scale applications
• Cannot display application environment (=> reveals technical credentials)
• Cannot create, update or delete service instances
• Cannot create new packages or update source code. As a result, wouldn't be authorized to cf push

Proposal URL

https://docs.google.com/document/d/1isfsSWvF8xDU0G69k4MqB3o5c2vB0P3Vbi79W0yvqFQ/edit

Point of Contact

@piyalibanerjee @monamohebbi @jenspinney [PLACEHOLDER: point of contact from SAP]

[piyalibanerjee]

There are a few options for what the space operator role can be called. Please pick an option from the poll below:

If there are any other suggestions, please leave them in comments here!

Note: Alternatives to 'space operator' name were suggested as a result of the concern about 'operator' being an overloaded/overused term in CF.

[monamohebbi]

Detailed proposal for the Space Application Supporter: https://docs.google.com/spreadsheets/d/1w07-1nlEXYzeDseT_BEKaT2T-QC-wZhNXrX4JPRrAYM/edit?usp=sharing