API Keys should be scoped on Platform Level
Y
Young-Hwan Kim
As a Platform Team I want to automate certain administrative actions e.g. for Sandbox Cloud Accounts.
At the moment all Admin Actions are always enabled for all platforms within meshStack which is problematic due to potential interference between different platform teams:
- accidential deletion
- non-autorized read on cloud accounts
etc.
Therefore scoping API keys on specific platforms would be good
J
Johannes Rudolph
I suppose you want this to behave similarly to how API permissions for building blocks work already, ie there’s already a specific set of permissions for when you use the platform builder and own the definition you can also manage BBs using that definition, even if they’re not in your workspace.