You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the feature:
Make Agents+Integrations (including custom pipelines) space aware
Describe a specific use case for the feature:
We've got some power users/sysadmins/DevOps(tenants like) that need to install their own Agents+APM and be able to customize the Policy Integrations that they deploy in their own Space without Elastic Admin permissions. They also need some custom pipelines.
Since sharable saved objects are already a thing, like @jen-huang mentioned here and @joshdover in #128202 (comment)
the need to allow users to share the same SO across multiple spaces would make sense here but I am not sure that it will cover all cases(like custom pipelines)
To clarify, other "tenants" in different spaces should not be able to interact with the Agents already deployed but assigned to other spaces or the other way around. Elastic Admins should.
At the moment I limit in roles the index access based on the namespace *my_namespace_tenant* and read-only for metrics-*my_namespace_tenant*
That works great for indices but for pipelines I need to give the bellow permission which are a bit too much as they could break some not belonging pipelines. manage_enrich manage_pipeline read_pipeline manage_ingest_pipelines manage_logstash_pipelines manage
The text was updated successfully, but these errors were encountered:
@zez3 we are looking at making Fleet space aware to the extent possible. but there will be limitations and we are working through those details at this point.
Describe the feature:
Make Agents+Integrations (including custom pipelines) space aware
Describe a specific use case for the feature:
We've got some power users/sysadmins/DevOps(tenants like) that need to install their own Agents+APM and be able to customize the Policy Integrations that they deploy in their own Space without Elastic Admin permissions. They also need some custom pipelines.
Since sharable saved objects are already a thing, like @jen-huang mentioned here and @joshdover in #128202 (comment)
the need to allow users to share the same SO across multiple spaces would make sense here but I am not sure that it will cover all cases(like custom pipelines)
To clarify, other "tenants" in different spaces should not be able to interact with the Agents already deployed but assigned to other spaces or the other way around. Elastic Admins should.
At the moment I limit in roles the index access based on the namespace *my_namespace_tenant* and read-only for metrics-*my_namespace_tenant*
That works great for indices but for pipelines I need to give the bellow permission which are a bit too much as they could break some not belonging pipelines.
manage_enrich manage_pipeline read_pipeline manage_ingest_pipelines manage_logstash_pipelines manage
The text was updated successfully, but these errors were encountered: