Open piontec opened 1 year ago
@piontec is this still needed?
Yes, and it would be great if you could drive it, as it's a product feature. More context: the feature is "customers have full admin access permissions to our clusters, so they can easily use them to run their own central-management tools". There are many aspects and angles this needs to enable that feature in a secure way, like:
So, this IMHO needs an answer to the top level question: do we want to make it a product feature, and if yes, then what's the priority.
Once we know the answer, we need some cross team collaboration, with shield probably driving a security audit for this feature.
We want to simplify our platform and make it more usable for customers. As such, we decided to allow customers' admins to use their MC with full cluster permissions. We need to write down an ADR about it.