Feature Request: RBAC controls

[smitthakkar96]

Context

Currently, the only way to reduce blast radius / restrict users from accidentally attacking workloads they don't own is by installing Chaos Infra in Namespaced mode and assigning these different Chaos Infra to different projects based on ownership. This works great where clusters have namespaces segregated by team or service, but sometimes, these best practices aren't properly adopted in organisations. Also one of the trade-offs of the Namespaced deployment of Chaos Infra is the overhead of managing the life-cycle of the resources, registration/un-registration, version upgrades, monitoring, sizing capacity planning etc. Cluster-scoped deployment makes life simpler from an operation perspective however, it increases blast radius.

Feature Request

We propose integrating robust RBAC/ACL rules in Litmus to empower users to finely control access and actions within the platform. This includes:

• Restricting SSO Groups: Implementing controls to limit access to specific actions based on Single Sign-On (SSO) group affiliations.
• Workload-Specific Controls: Allowing users to specify which workloads can be targeted for chaos experiments, minimizing the risk of unintentional impacts. Also going one set further having policies to restrict teams to be able to only launch certain attacks on certain targets.
• Chaos Center Operations: Fine-tuning permissions for Chaos Center operations such as creating/updating projects, managing environments, and creating chaos infrastructure.

Inspiration

• ArgoCD's RBAC implementation
• https://casbin.org/
• https://steadybit.com/product/control-access-and-blast-radius

The goal is to strike a balance between operational simplicity and security, enabling Litmus users to tailor their Chaos Engineering practices to the specific needs and structures of their organization.

[smitthakkar96]

If the community and Litmus team is interested in such a feature, I am happy to make further discovery on this and come up with an RFC