self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 17:53:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/tool
History
Zac Bergquist 01ced111f4
Add RBAC for Windows desktop access (#8520) 
* Add RBAC for Windows desktop access

This commit adds RBAC checks for Windows Desktops as described in
RFD 33 and RFD 34:

- add Windows desktop logins & labels to role definition
- introduce new file config for host labels based on a regexp match
- auth server API performs access checking for Windows desktop resources
- add RDP client callback to authorize the user
- support user/role locks
- respect the client idle timeout setting

Note: in cases where an connection is terminated to to RBAC, the web UI
currently displays "websocket connection failed" because the connection
is closed from the server. We'll need to follow up with a nice error
message for the client side to improve the UX here.

Other changes:

* Remove OSS RBAC migration marked for deletion
* Stop creating a default admin role
* add wildcard desktop access to the preset access role

Updates #7761
2021-10-12 14:52:59 -06:00
..
tctl Implement Simplified Node Joining (#8250) 2021-10-08 10:41:28 -07:00
teleport Kube Proxy Forwarder handles kube services with same name (#8362) 2021-10-06 16:01:08 -07:00
tsh Add RBAC for Windows desktop access (#8520) 2021-10-12 14:52:59 -06:00