Single Project Programmatic API Keys should not require Org User Admin role for IP Whitelists update
When setting a Programmatic API Key in the MongoDB Ops Manager for a given Project, it seems Project Owners are unable after setting the Key to update the IP Whitelist as they require Organization User Admin role to perform such action (screenshot attached).
I guess this makes sense if the same Programmatic API Key is shared between multiple Projects inside the same Organization, but not really if this is applied only to one single Project (i.e. Project Owners should be able to amend the IP Whitelisting of their own API Keys).
I wonder if this could be enhanced in further Ops Manager upgrades.
-
Sven commented
We have a similar request: https://feedback.mongodb.com/forums/924355-ops-tools/suggestions/40809346-more-fine-granular-opsmanger-roles-for-api-crud-op
Boils down to these two user stories:
1. As a user who's logged into Ops Manager, I can generate an API token for myself without having project admin rights
2. As an Ops Manager Admin user, I can pass in a username and desired api key into the OpsManager API