edit_organization permissions needed on upstream satellite
The documentation around ISS says that the downstream satellite's credentials needs edit_organization permissions to download the certificate
Version-Release number of selected component (if applicable):
Why is this OK and is there a workaround for customers that do not want to give downstream owners edit_organization permissionsSteps:
Create a role with
- Create a user with this role.
- From a 2nd foreman server try to pull content from this server using network sync using the above user.
Downstream Sync + Enable should work
Unable to download debug certificate without the edit organization permissions
Download debug certs requires edit organization. However we should also allow it if the user can view organization and export_content.