Granular permissions to features in RDM

Hello,

Thank you for the request. We have some ideas on how we could implement this, we will discuss this internally to come up with a good solution.

Regards,

This would be very useful. I would like to give some users permissions to add/edit 'Azure service principal' entries but I do not wish to allow them to do this on other entry types.

@nicolaihansen If your goal is to make sure users are not allowed to edit Azure Service Principal-type entries, you could create a template of this entry with the necessary permissions disabled, and create them with that template. This would ensure that every time you create an entry of this type, the permissions are correctly set.

Regards,

@nicolaihansen If your goal is to make sure users are not allowed to edit Azure Service Principal-type entries, you could create a template of this entry with the necessary permissions disabled, and create them with that template. This would ensure that every time you create an entry of this type, the permissions are correctly set.

Regards,

@Hubert Mireault
the goal is the opposite, I want them to be able to add/edit new Azure Service Principal-type entries, but not other types of entries. I have not looked much into templates, could that be a solution?

@nicolaihansen Yes, the same principle could be used. By default, the permissions are set to be inherited (this is one of our core concepts), which means that you can configure the permissions you would want all your entries to have by default in either the vault's settings, or even at the system settings level if you're on a datasource that supports them. From there, you could create a template for Azure Service Principal where the permissions are set to be enabled, and then create these entries from there. You can also read more about templates here.

Let me know if you have any additional questions.

Regards,