diff options
Diffstat (limited to 'controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java')
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java index a88e38e5f89..363dc348ad3 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java @@ -36,9 +36,14 @@ public class CloudAccessControl implements AccessControl { CloudTenantSpec spec = (CloudTenantSpec) tenantSpec; CloudTenant tenant = CloudTenant.create(spec.tenant(), defaultBillingInfo); - for (Role role : Roles.tenantRoles(spec.tenant())) + for (Role role : Roles.tenantRoles(spec.tenant())) { userManagement.createRole(role); - userManagement.addUsers(Role.tenantOwner(spec.tenant()), List.of(new UserId(credentials.user().getName()))); + } + + var userId = List.of(new UserId(credentials.user().getName())); + userManagement.addUsers(Role.administrator(spec.tenant()), userId); + userManagement.addUsers(Role.developer(spec.tenant()), userId); + userManagement.addUsers(Role.reader(spec.tenant()), userId); return tenant; } @@ -60,7 +65,6 @@ public class CloudAccessControl implements AccessControl { public void createApplication(TenantAndApplicationId id, Credentials credentials) { for (Role role : Roles.applicationRoles(id.tenant(), id.application())) userManagement.createRole(role); - userManagement.addUsers(Role.applicationAdmin(id.tenant(), id.application()), List.of(new UserId(credentials.user().getName()))); } @Override |