You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a boolean attribute Token.perm_create_domain (default: false; migration: true if token has no policies).
Add a boolean attribute Token.perm_delete_domain (default: false; migration: true if token has no policies).
Add an boolean attribute Token.auto_policy (default: false). (Must also have a restrictive default policy)
Tokens can create domains iff perm_create_domain == True.
Tokens can delete domains iff perm_delete_domain == True && they have a permissive policy for the domain in question (or no policies at all).
When a domain is created and auto_policy == True, the token is assigned a permissive policy for this domain.
This allows provisioning of domains and maintaining/de-provisioning the same domains, within an account, without granting access to other parts of the account.
The text was updated successfully, but these errors were encountered:
Token.perm_create_domain(default: false; migration: true if token has no policies).Token.perm_delete_domain(default: false; migration: true if token has no policies).Token.auto_policy(default: false). (Must also have a restrictive default policy)Tokens can create domains iff
perm_create_domain == True.Tokens can delete domains iff
perm_delete_domain == True&& they have a permissive policy for the domain in question (or no policies at all).When a domain is created and
auto_policy == True, the token is assigned a permissive policy for this domain.This allows provisioning of domains and maintaining/de-provisioning the same domains, within an account, without granting access to other parts of the account.
The text was updated successfully, but these errors were encountered: