Separate Data Lake Administrative Permissions into Roles
Currently Project Owner permission is required to create and manage data lake clusters. This requires dangerously elevated privileges simply to manage Data Lake.
I simply would like to either use existing project roles or create new roles specific to Data Lake with similar duty segregation: Data Lake Manager(similar to Project Cluster Manager), Read-Only, Read-Write, etc.
Project Owner should not be required to administer or use data lake features. Non-granular roles are fine for this urgent need, we simply need reasonable coarse-grained roles that would satisfy usage in any security-minded enterprise.
Kekoa
shared this idea
-
Kekoa
commented
Currently Project Owner permission is required to create and manage data lake clusters. This requires dangerously elevated privileges simply to manage Data Lake.
I simply would like to either use [existing project roles](https://docs.atlas.mongodb.com/reference/user-roles/#project-roles) or create new roles specific to Data Lake with similar duty segregation: Data Lake Manager(similar to Project Cluster Manager), Read-Only, Read-Write, etc.
Project Owner should not be required to administer or use data lake features. Non-granular roles are fine for this urgent need, we simply need reasonable coarse-grained roles that would satisfy usage in any security-minded enterprise.