Commit 6b0a011
authored
Add limited_owner role to capabilities reference (#3243)
## Type of change
**Documentation Update**
- Added `limited_owner` as a new built-in administrative IAM role
throughout the capabilities reference
- Documented `limited_owner` capabilities: read access across all
resources, plus `identity` and `role_bindings` create permissions, and
image pull access
## What should this PR do?
resolves chainguard-dev/internal#5787
## Why are we making this change?
The `limited_owner` role exists in the Chainguard platform but was not
documented in the capabilities reference. Customers and admins need to
understand how this role differs from `owner`, `viewer`, and other
administrative roles when making IAM decisions.
## What are the acceptance criteria?
- `limited_owner` appears in the Built-in Roles Summary under
Administrative Roles, positioned between `viewer` and `console_viewer`
- `limited_owner` appears in all applicable rows of the Chainguard Role
Capabilities table, positioned after `viewer` and before
`console_viewer`
- `limited_owner` row is present in the Role Capabilities Comparison
table showing ✅ for Pull Images, List Tags/Repos, View SBOMs/Diffs,
Create IAM Resources, and Create Pull Tokens, and ✕ for Libraries Access
- The role count in the comparison section no longer references a
hardcoded number
## How should this PR be tested?
1. Check the preview link and navigate to the Built-in Roles &
Capabilities page under Administration > IAM Organizations > Roles &
Role-bindings
2. Verify `limited_owner` appears in all three places: the summary list,
the capabilities table (after `viewer` in each row), and the comparison
table
---------
Signed-off-by: Mark Drake <mark@chainguard.dev>1 parent 4df5052 commit 6b0a011
3 files changed
Lines changed: 34 additions & 27 deletions
File tree
- content/chainguard
- administration/iam-organizations/roles-role-bindings
- chainguard-images/about
0 commit comments