Kpow v79 introduces Kpow Admin roles with the ability to Stage Mutations and create Temporary RBAC Policies , all wrapped up in a new Settings UI.
Note: If you are currently using Kpow with RBAC your users are all considered non-admin and will have slightly less visibility of Kpow until you specify admin roles.
Kpow Admin Roles
Admins have greater visibility and control of Kpow than normal users.
Non-Admin users can see their own access policies, configure their UI preferences, and view a log of the last 7 days of their account activity.
Admin Users can approve or deny staged mutations, create and remove temporary policies, and have full visibility of all existing system features like the Audit Log.
See: Kpow Admin Role Documentation.
Staged Mutations
Kpow actions (e.g. Topic Create) can now be staged for approval by an Admin user.
Configured by creating an RBAC policy with the new "Stage" effect, Staged Mutations are approved or denied by Admin Users in the new Settings UI.
See: Kpow Staged Mutation Documentation.
Temporary Policies
Admin Users can assign temporary access permissions to a role.
A common use-case would be providing a user TOPIC_INSPECT access to read data from a topic for an hour while resolving an issue in a Production environment.
See: Kpow Temporary Policies Documentation.
