Skip to content

Commit 6b0a011

Browse files
authored
Add limited_owner role to capabilities reference (#3243)
## Type of change **Documentation Update** - Added `limited_owner` as a new built-in administrative IAM role throughout the capabilities reference - Documented `limited_owner` capabilities: read access across all resources, plus `identity` and `role_bindings` create permissions, and image pull access ## What should this PR do? resolves chainguard-dev/internal#5787 ## Why are we making this change? The `limited_owner` role exists in the Chainguard platform but was not documented in the capabilities reference. Customers and admins need to understand how this role differs from `owner`, `viewer`, and other administrative roles when making IAM decisions. ## What are the acceptance criteria? - `limited_owner` appears in the Built-in Roles Summary under Administrative Roles, positioned between `viewer` and `console_viewer` - `limited_owner` appears in all applicable rows of the Chainguard Role Capabilities table, positioned after `viewer` and before `console_viewer` - `limited_owner` row is present in the Role Capabilities Comparison table showing ✅ for Pull Images, List Tags/Repos, View SBOMs/Diffs, Create IAM Resources, and Create Pull Tokens, and ✕ for Libraries Access - The role count in the comparison section no longer references a hardcoded number ## How should this PR be tested? 1. Check the preview link and navigate to the Built-in Roles & Capabilities page under Administration > IAM Organizations > Roles & Role-bindings 2. Verify `limited_owner` appears in all three places: the summary list, the capabilities table (after `viewer` in each row), and the comparison table --------- Signed-off-by: Mark Drake <mark@chainguard.dev>
1 parent 4df5052 commit 6b0a011

3 files changed

Lines changed: 34 additions & 27 deletions

File tree

0 commit comments

Comments
 (0)