Restrict permissions to edit puppet classes and their smart class parameters which are common between multiple organizations.
Issue
- Smart class parameters in one organization are visible to other organizations as well.
- The puppet modules/classes which are common in multiple organizations have the smart class variables visible and editable to all other organizations and their users with some specific permissions.
- Users from one organization should not be allowed to change/set smart class parameters for puppet classes from another organization. This can result in outages, unexpected service configurations, or possibly access to other organization's servers by unauthorized users.
Environment
- Red Hat Satellite 6.3.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.