Access Token tied to roles in PMK Management Plane

This idea builds off of:


As an MSP, I would like to be able to give my customers an auth token that allows them RBAC permissions on K8s clusters in a Multi-tenant scenario, but also access on the Tenant management plane itself. This token must only apply to a given Tenant and data within the PMK management plane.


For example, this would allow me to share a token with a customer that would allow them to bootstrap a new cluster via API but nothing else and would not allow them to bootstrap a cluster in a different Tenant.

  • Guest
  • Nov 16 2022
  • Attach files