This idea builds off of:

• https://ideas.platform9.com/ideas/PMK8-I-325

• https://ideas.platform9.com/ideas/PMK8-I-326

As an MSP, I would like to be able to give my customers an auth token that allows them RBAC permissions on K8s clusters in a Multi-tenant scenario, but also access on the Tenant management plane itself. This token must only apply to a given Tenant and data within the PMK management plane.

For example, this would allow me to share a token with a customer that would allow them to bootstrap a new cluster via API but nothing else and would not allow them to bootstrap a cluster in a different Tenant.