Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Access Controls reference docs to include cluster_labels #10463

Closed
pschisa opened this issue Feb 18, 2022 · 1 comment · Fixed by #46401
Closed

Update Access Controls reference docs to include cluster_labels #10463

pschisa opened this issue Feb 18, 2022 · 1 comment · Fixed by #46401
Labels
c-co Internal Customer Reference documentation trusted-cluster

Comments

@pschisa
Copy link
Contributor

pschisa commented Feb 18, 2022

What

Request is to add a mechanism by which a Teleport admin can restrict the end users ability to view specific trusted clusters in the list presented by the Web UI and tsh clusters

How

Some possible ways I see it being done:

Enable Admins to manually set labels on trusted cluster relationships and then restrict user access to trusted clusters from the root based on those labels and role permissions

Automatically review the resource permissions set by a users role and not present clusters for which they have no resources present

Why

It can be awkward for end users to navigate a large list of trusted clusters, most of which have no resources and show error messages in web UI.
@pschisa pschisa added feature-request Used for new features in Teleport, improvements to current should be #enhancements ux c-co Internal Customer Reference documentation and removed feature-request Used for new features in Teleport, improvements to current should be #enhancements c-co Internal Customer Reference ux labels Feb 18, 2022
@pschisa
Copy link
Contributor Author

pschisa commented Feb 22, 2022

Confirmed this is already available using the updates from #4630 as outlined in our trusted cluster docs: https://goteleport.com/docs/setup/admin/trustedclusters/#rbac

Only thing missing is to add the cluster_labels to our RBAC reference sheet (https://goteleport.com/docs/access-controls/reference/), moving this to a docs issue

@pschisa pschisa changed the title Add ability to restrict end user view of trusted clusters in Web UI and tsh Update Access Controls reference docs to include cluster_labels Feb 22, 2022
ptgott added a commit that referenced this issue Sep 9, 2024
@ptgott
Add more context around _labels role fields
76c083f 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
@ptgott ptgott mentioned this issue Sep 9, 2024
Merged
github-merge-queue bot pushed a commit that referenced this issue Sep 10, 2024
@ptgott
Add more context around _labels role fields (#46401)
f2b0d11 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
github-actions bot pushed a commit that referenced this issue Sep 10, 2024
@ptgott
Add more context around _labels role fields
71843a6 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
github-actions bot pushed a commit that referenced this issue Sep 10, 2024
@ptgott
Add more context around _labels role fields
fe66277 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
github-actions bot pushed a commit that referenced this issue Sep 10, 2024
@ptgott
Add more context around _labels role fields
a971e1d 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
ptgott added a commit that referenced this issue Sep 11, 2024
@ptgott
Add more context around _labels role fields
fa8d6ad 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
ptgott added a commit that referenced this issue Sep 11, 2024
@ptgott
Add more context around _labels role fields
1840006 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
ptgott added a commit that referenced this issue Sep 11, 2024
@ptgott
Add more context around _labels role fields
26ce6d2 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
github-merge-queue bot pushed a commit that referenced this issue Sep 11, 2024
@ptgott
Add more context around _labels role fields (#46440)
cbf45e2 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
github-merge-queue bot pushed a commit that referenced this issue Sep 11, 2024
@ptgott
Add more context around _labels role fields (#46439)
43169cd 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
github-merge-queue bot pushed a commit that referenced this issue Sep 11, 2024
@ptgott
Add more context around _labels role fields (#46438)
e78a17c 
Closes #10463

We already mention the `cluster_labels` role field in the role
reference, but it could be more explicit that this field deals with
Trusted Clusters. This change adds a short table to the role reference
to indicate the Teleport resources that correspond to different label
fields.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c-co Internal Customer Reference documentation trusted-cluster
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add more context around _labels role fields gravitational/teleport
2 participants
@ptgott @pschisa