Randall Hansen wrote: > > In that case, how do you revoke a user's role? Disabling the key would be > like removing the role entirely, revoking access for everyone else with the > key.
Or changing the key too. Not sure - that'd need some thought. > > What is the source of truth? If we store Dashboard's RBAC in Dashboard's > database (for the sake of argument) and we have Puppet's RBAC in a config > file then they'll be out of sync, unless special effort is expended. Depends whether they are the same thing but yes assuming we do store some concept of roles in the master then it should be the SoT. > > Sorry to have more questions than answers. It does seem like the right > direction, James. No, no all good questions. Don't have many good answers... :) James -- James Turnbull Puppet Labs 1-503-734-8571 -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to puppet-dev@googlegroups.com. To unsubscribe from this group, send email to puppet-dev+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.