Restrict platform choice of workspaces | Feature Requests

Restrict platform choice of workspaces

complete

Felix

We want to restrict access to platforms to workspaces upon creation of workspaces by the cloud onboarding portal.

Right now there are two options:

Setting up the platform as private and adding workspaces to a list. Downside: The restrictions can't be updated via API. So customers would have to wait until someone manually adds them to the list, which defeats the purpose of meshStack.
Using tags and policies: I have a tag "allowedPlatforms" on workspace level and a tag "platform" on Landing Zone level. Downside: Customers have to enter a platform tag (which they already provided on workspace level) again on project level because policies between workspace and landing zones are not supported. This again defeats the purpose of meshStack as an integrated platform that knows your context already.

Solution patterns:

https://meshcloud.canny.io/feature-requests/p/meshplatform-configuration-via-api
"Inheriting" tag values from workspace to project level
Directly create policies between Workspaces and Landing Zones

Jelle den Burger

marked this post as

complete

Great news! We now support this by the ability to define a policy between Workspace & Landing Zones.