Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-28419

Add new "Security Admin" role

    XMLWordPrintable

Details

    Description

      This role should be as follows:

      1. Should have read access to topology, buckets and admin settings (similar to Read-Only Admin)
      2. Should be able to change the roles a user has (except itself)
      3. Should not be able to grant full Admin roles or Security Admin roles to other users (to prevent privilege escalation)
      4. Should not have access to bucket data

      Attachments

        Issue Links

          is duplicated by

          Improvement - An improvement or enhancement to an existing feature or task. MB-27237 RBAC Administration: New Role => Security Administrator

          • Major - Major loss of function.
          • Closed
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. MB-23110 Separation of Duties - Administrators should not be able to see user data

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. MB-29068 UI needs changes after change in permissions of Index service API

          • Major - Major loss of function.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              Abhijeeth.Nuthan Abhijeeth Nuthan
              dfinlay Dave Finlay
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                PagerDuty