Skip to content

Feature Request: Tag-scoped/Group-based RBAC (limit query rights by allowed tags/groups)Β #683

New issue
New issue
Open
Feature
Open
Feature Request: Tag-scoped/Group-based RBAC (limit query rights by allowed tags/groups)#683
Feature
Assignees
javuto
Labels
πŸ™ feature requestRequest for new featureosctrl-adminosctrl-admin related changesosctrl-apiosctrl-api related changesπŸ” permissionsPermissions related issues
@KshitijPatil98

Description

@KshitijPatil98
KshitijPatil98
opened on Aug 19, 2025

Current RBAC is environment-level (read/query/carve). We need finer-grained authorization so a user can run queries only against nodes matching an allowed set of tags. Minimal ask: per-user (or role) allowlist of tags per environment, enforced at query/carve submission (and optionally in list/views). This reduces blast radius and aligns access with ownership boundaries.

Metadata

Metadata

Assignees

Labels

πŸ™ feature requestRequest for new featureosctrl-adminosctrl-admin related changesosctrl-apiosctrl-api related changesπŸ” permissionsPermissions related issues

Type

Feature

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions