And do we have a list of what each of those roles mean For e Prefect Community #ask-community

And do we have a list of what each of those roles ...

Matt Delacour

08/04/2022, 3:38 PM

And do we have a list of what each of those roles mean ? For example what is "audit trail" ? Should my normal "users" have read access to it ? 🤷

👀 4

Matt Delacour

08/04/2022, 3:39 PM

Same for

read:message

Matt Delacour

08/04/2022, 3:41 PM

And what does

update:log

mean ? What does it mean to update the logs of a Flow?

Zach Angell

08/04/2022, 5:33 PM

Hi Matt! We don’t have a list of what each of these roles mean. Generally, “Create”, “Read”, “Update”, and “Delete” permissions refer to the ability to perform that operation on an object. So

read:flow

would give a user the right to view flows. “audit trail” refers to the ability to see audit logs. I would recommend only allowing this for admin users.

read:message

gives permission to read notifications sent by Prefect within a tenant, usually to a specific user. I would recommend giving that to all users.

update:log

, as you might guess by now, gives users the ability to update log records. This is actually not used at the moment within the Cloud 1.0 platform. But if we were to add an operation that updated logs in the future, it might become relevant. You might find the docs here helpful https://docs-v1.prefect.io/orchestration/rbac/overview.html Is there a specific persona you’re trying to create a role for?

❤️ 1

Matt Delacour

08/04/2022, 6:00 PM

Thanks Zach. I was already looking at the same Prefect doc page 👍 Thanks for the explanation of those roles 🙏

Matt Delacour

08/04/2022, 6:00 PM

Do you have any update on my other question (permissions issue) https://prefect-community.slack.com/archives/CL09KU1K7/p1659623135287269 ?

Zach Angell

08/04/2022, 7:28 PM

Yeah, I’ll respond in that thread for consistency

13 Views

Open in Slack

Previous Next