Actions
Feature #39239
open
RBAC - role allowing to pull only from specified Lifecycle Environment
Status:
New
Priority:
Normal
Assignee:
-
Category:
Container
Target version:
-
Description
I was trying to create a role that will allow user for pulling images only from certain LCE, but it still has permissions to pull from library. Is it even possible?
Sample ansible task I was using:
- name: Create TEST Pull Role
theforeman.foreman.role:
server_url: "{{ foreman_server_url }}"
username: "{{ foreman_admin_user }}"
password: "{{ foreman_admin_pwd }}"
name: "Container Puller TEST"
filters:
- permissions:
- view_products
search: "name = 'OCI registry'"
- permissions:
- view_lifecycle_environments
search: "name = 'TEST'"
- permissions:
- view_content_views
search: "name ~ 'TEST'"
- permissions:
- view_organizations
search: ""
- permissions:
- view_locations
search: ""
- permissions:
- view_images
search: ""
- permissions:
- create_personal_access_tokens
- view_personal_access_tokens
search: ""
state: present
Updated by Jeremy Lenz about 2 months ago
- Tracker changed from Support to Feature
- Category set to Container
- Triaged changed from No to Yes
Updated by Ian Ballou about 2 months ago
Hi maciej, you cannot perform this today, so we are turning this into a feature request.
Actions