Policies: Allow restriction of users/groups to role | Feature Requests

Policies: Allow restriction of users/groups to role

in progress

Richard Bayer

We have to ensure that only certain users or groups can be assigned to the "Project Admin" role. Therefore we need a mechanism to restrict that. At the moment Workspace Managers can assign any user / group to any role, e.g. you could have a group "MyApp-Project-Reader" and assign it to the role "Project-Admin".

March 6, 2025

This post was marked as

in progress

Thomas Abbe

Please consider the restriction of users/groups also for workspace roles.
Our usecase: restrict the Workspace Owner role to a limited set of users.
Thank you

Johannes Rudolph

Thomas Abbe: Your idea of making this restriction available on workspace roles would also with a bit of further extension make it possible to implement https://meshcloud.canny.io/feature-requests/p/restrict-workspace-creation

Rebecca

marked this post as

planned

We want to provide you with this functionality in the next couple of weeks. We will keep you posted

Rebecca

Thank you so much for taking the time to share your requirement! I can understand that you want to have further mechanisms to restrict access to roles. Feel free to share the canny link with others to receive more votes for your idea.

Richard Bayer

I'd think of a policy that you can apply to a role + user/group combination. Our groups already have tags we can use. If you would extend you taging concept to roles and so the policies, it would be sufficient...

Carsten Reelfs

That is an important feature!