Problem: NME requires Contributor permissions to Cluster & associated resources RG, which concerns security teams and infrastructure admins regarding Nerdio's potential ability to harm other unrelated AVD resources.
Description - This feature request aims to introduce more granular control over what Nerdio can do against an Azure Local Clusters
Vision - The proposed solution would enable admins to use other Azure RBAC roles such as Azure Stack HCI Administrator, Azure Stack HCI Contributor or a custom-enabled role that will allow specific actions like creating images, but not changing custom location, networks, resource bridge etc…
Comments (2 comments)