We would like to inform you about a known issue currently affecting policy-based role restrictions in meshStack.
Issue Summary:
Policies configured to restrict user roles based on tags (e.g., limiting certain roles to specific user groups) are not being enforced during the initial project creation process. This means that users may inadvertently be assigned restricted roles when a project is first created, even if they do not meet the tag-based criteria defined in your policy.
Important Note:
These policies are correctly enforced when:
Adding users to a project after creation
Changing user roles within an existing project
Resolution Plan:
We are actively working on a fix, which will be included in our upcoming release next week. This update will ensure that tag-based role restrictions are fully respected during project creation, bringing consistency to policy enforcement across all workflows.
Recommended Action:
Until the fix is released, we recommend reviewing the policy violations shown in the admin and workspace area and adjusting roles manually if needed.
We appreciate your understanding and continued support. If you have any questions or need assistance, please feel free to reach out to our support team.