Limit access to credentials

Post your feature requests here
Post Reply
revocloud
Posts: 3
Joined: Tue Mar 03, 2020 9:07 pm

Tue Mar 03, 2020 9:45 pm

Separating users and devices using Tags works super! However, I would like my users to be able to make and/or view backups of a subset of devices, without gaining access to the credentials.

The thinking behind this is we'd like to centralize backups for multiple sites and perhaps even multiple customers. I wouldn't want local site admins or customer-personnel to gain access to credentials for other sites or customers.
User avatar
Tomas
Posts: 835
Joined: Sat Jun 25, 2016 12:33 pm

Tue Mar 03, 2020 10:47 pm

READ-ONLY type users automatically can not see credentials / have no control over them.
To limit access to credentials for OPERATOR type users currently, the only way is to set "High security mode" for credentials.

There is also an option in "Other settings > Advanced system settings" to make "High security mode" for credentials the default.
ccummings-coeur
Posts: 4
Joined: Mon May 18, 2020 4:08 pm

Tue May 19, 2020 9:36 pm

I would also like to see something like this. For example, if we could tie a tag to credentials and treat them just like devices from an access perspective, that would be swell. It has been okay for us to do high security mode, however, in theory, an operator could still setup a honeypot-esque device to try and capture credentials, whereas if they couldn't discover devices with credentials they don't have access too, it would be the most secure option.

Thanks!
Post Reply