Workspace scoped API tokens
complete
Jelle den Burger
At the moment API tokens have to be provisioned as an "almighty" token where almost all administrative actions are possible.
This makes it (from a security PoV) pretty much impossible to hand out API tokens to workspace users that want to do some automation in their workspace such as creating tenants and creating service instances.
It would be great if an API token could be scoped to just a single workspace so any changes done via the API are isolated to just that workspace.
R
Rebecca
complete
We are happy to announce that we have workspace scope API Keys now. We are still in the process of adding more endpoints to manage e.g. Tenants and Building Blocks to provide you the opportunity to automate your processes e.g. spinning up an Azure Subscription with an Azure Vnet from a pipeline. You can find a guide on how to set it up in our docs.
X
Xavier Aznar
Rebecca As the feature is being rolled back, shouldn't the feature be kept open. Or there's a new feature request for the newer version of the Workspace API Tokens? (If so, could you please add a link to it? Thanks in advance)
R
Rebecca
Xavier Aznar Hi Xavier, the feature is not being rolled back. We will provide a feature toggle to disable the creation of an API key from workspace areas for individual meshStacks. I will get in touch with you via email to figure out how we can align with stakeholders in your account and make this available to you in some shape or form.
Felix
End-to-End tenant management entails:
- Project creation (incl choosing a payment method)
- Tenant creation (incl choosing a platform and landing zone)
- Project role bindings
Jelle den Burger
Quick update: we are still on it but have to postpone the release of the feature to Q2. Thank you for your patience.
Polina Sadykova
in progress
Based on your invaluable feedback, we're excited to announce that we're currently hard at work to bring this feature to life.
We are planning to ship it to you in mid Q2, so we encourage you to stay tuned to Product Newsletters to have timely updates about progress.
Thansk a lot again for your activity and feedback!