Hi, what policy do I need to set to give permissio...
# helpc
Cristian Caloian
03/17/2023, 12:22 PMHi, what policy do I need to set to give permissions for setting branch protection rules? I couldn’t find one that matches exactly the description, so I guess it must be covered by some other more general one. The user has permissions to see Actions, Settings>General and Settings>Retention, but does not have permission for Settings>Branches.
b
Barak Amar
03/17/2023, 12:27 PM
The
RepoManagementFullAccessbranches:*o
Oz Katz
03/17/2023, 12:31 PM
@Barak Amar I opened issue #5513 to track this - currently
branches:*c
Cristian Caloian
03/17/2023, 12:51 PMThanks 🙏 Would that have other “side” permissions? I’m wondering if it is too loose.
Would this be a correct statement to restrict it to a specific repo?
Copy code
{
"action": [
"branches:*"
],
"effect": "allow",
"resource": "arn:lakefs:fs:::repository/<repository-name>"
}b
Barak Amar
03/17/2023, 12:54 PM
Thanks @Oz Katz
Barak Amar
03/17/2023, 12:56 PM
Barak Amar
03/17/2023, 12:57 PM
@Cristian Caloian it should work as the actions currently checked are
branches:GetBranchProtectionRulesbranches:SetBranchProtectionRulesc
Cristian Caloian
03/17/2023, 1:58 PMIt works! Thank a lot 🙏
😁 1
6 Views