Organisation fo ST2 #6147
Comments
|
Can't I currently do something like this with LDAP mapping to RBAC roles? |
|
It's possible to add map roles to a ldap group. But there are some limitation with RBAC. (Please correct me if Iam wrong with it)
At the moment I'am working on a POC to build a MultiTeam Shared Stackstorm Instance. In The past we had many but that generate a lot of cost in the cloud. |
|
I agree with the Key Value Store, and it would add (or I'd like to see) a feature for auto-deleting the values if a team is un-assigned from the instance. Overall this is a good idea, as client / user data separation is a good practice in corporate environments. |
|
What I would perhaps also like to see, if you're going to implement team segmentation like this, is to be able to segment the workspace of the users. My current setup has ST2 instance running on a server with manually added team-specific folders into st2.conf packs_base_paths. Since ST2 allows for creation of workflows in the UI, but does not allow for creation of python actions, I've also put JupyterHub (that spawns user-specific jupyter notebook server via docker) onto the same host. This way I can have team specific folders mounted into Jupyter and people can create or modify py scripts without having access to the server. |
Hi Community,
I think this Idea is maybe very complex. I don't know if it's possible.
It would be nice if you could Create different Orgs in Stackstorm. Do you Know AWX and Ansible Automation Platform? There you can create an Org as a top Level Domain. So you can create Orgs for different Teams in a Company.
The Idea would be that I can log in to ST2 and then Switch Between Orgs with a Button.
So then I am in Org Customer1 I see all Packs, History, and all that was done in this Context and then I swish to Org Customer2 I can only see that Stuff.
This would make it easier to create the right RBAC rules.
What do you think about it?
The text was updated successfully, but these errors were encountered: