You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Teleport RBAC can prohibit access to nodes by label, however tsh ls still shows them. Exclude the nodes that user does not have access to by filtering out those nodes in
auth_with_roles.go and applying RBAC attempt to every node in the list.
Expected outcome
tsh ls and UI and any API should not show nodes if user is denied access to them.
Some details
Teleport roles allow to connect as certain user but not another, make sure the node is not shown if user is not allowed to connect as any user.
The text was updated successfully, but these errors were encountered:
Description
Teleport RBAC can prohibit access to nodes by label, however
tsh ls
still shows them. Exclude the nodes that user does not have access to by filtering out those nodes inauth_with_roles.go and applying RBAC attempt to every node in the list.
Expected outcome
tsh ls
andUI
and any API should not show nodes if user is denied access to them.Some details
Teleport roles allow to connect as certain user but not another, make sure the node is not shown if user is not allowed to connect as any user.
The text was updated successfully, but these errors were encountered: