azhop admins are CC super user and Admin (#1820)

Azure · Jan 24, 2024 · 3893819 · 3893819
1 parent 85b2e59
commit 3893819
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 10 deletions.
diff --git a/playbooks/roles/cyclecloud/files/user_role_record.txt b/playbooks/roles/cyclecloud/files/user_role_record.txt
@@ -9,9 +9,3 @@ Description = "Basic GUI access"
 GroupRole = false
 Name = "User"
 Allow = {"Package.Release/View","System/AccessWebSite","Alerts/Manage","Clusters/View","Clusters/Access", "Fixed.ClusterMetadata"}
-
-AdType = "Application.Role"
-Description = "AZHOP Cluster Admin"
-GroupRole = false
-Name = "azhop Cluster Admin"
-Allow = {"Clusters/Manage", "Fixed.ClusterMetadata"}
diff --git a/playbooks/templates/local_user_record.txt.j2 b/playbooks/templates/local_user_record.txt.j2
@@ -2,10 +2,11 @@ AdType = "AuthenticatedUser"
 Name =  "{{ user.name }}"
 Authentication = "internal"
 {% if (usergroups | selectattr('gid', 'in', (user.groups | default([], true))) | selectattr('name', 'match', 'azhop-admins') | map(attribute='name') | count ) > 0 %}
-Roles = {"azhop Cluster Admin"}
+Roles = {"Administrator"}
+Superuser = true
 {% else %}
 Roles = {"User"}
+Superuser = false
 {% endif %}
 UID = {{ user.uid }}
-Superuser = false
 RawPassword = "{{password.stdout}}"
diff --git a/playbooks/templates/user_record.txt.j2 b/playbooks/templates/user_record.txt.j2
@@ -3,11 +3,12 @@ AdType = "AuthenticatedUser"
 Name =  "{{ user.name }}"
 Authentication = "active_directory"
 {% if (usergroups | selectattr('gid', 'in', (user.groups | default([], true))) | selectattr('name', 'match', 'azhop-admins') | map(attribute='name') | count ) > 0 %}
-Roles = {"azhop Cluster Admin"}
+Roles = {"Administrator"}
+Superuser = true
 {% else %}
 Roles = {"User"}
+Superuser = false
 {% endif %}
 UID = {{ user.uid }}
-Superuser = false
 
 {% endfor %}