In order to provide different access to different user groups, introduce access control model.
We will use role based access control with resource roles/group. (To understand the concept of this model, refer to "RBAC with resource Roles" here )
Implementation:
- Add model as an environment variable in terraform IaC (under okapi-iac/environments). Here is the model to copy/paste.
- Pick this env variables up under "public API service" and "stream service" (okapi-iac/services.tf)
- Update the services (okapi-streams and okapi-public-api) env.go with the newly introduced model variable.
Here is an example of model stored in a string.
Complete architecture for access control: