Hi,
We are grateful to each and every one of you who shared your valuable feedback with us. Your input has helped us come up with a better solution that addresses most of the use cases discussed in the RFC. Thank you for being a part of our journey towards improving Multi-User App Ownership.
What did we hear?
- We empathize with the fact that many organizations must adhere to strict security compliances, which often require demonstrating control over production deployments and access to production logs. It is important to consider the principle of least privilege (PoLP) in these situations.
- We understand that it is crucial for partners to avoid a single point of failure of app ownership.
What did we change?
- We are pleased to inform you that we have added two new roles: Viewer and Deployer. Furthermore, we have made some modifications to the Developer role by revoking permission for production log access. Additionally, we are providing access to production logs as advanced permission that Admins can choose to add on top of the default role provided to users.
*App Owner has an admin role but with exclusive permissions including Transfer of app ownership and App deletion
Design
What we intend to tackle later ?
We intend to solve the single ownership problem by working on a solution with the Marketplace team. We recommend utilizing the “Transfer of app ownership” feature as a stopgap solution for now.
What is coming next?
We are currently working on implementing these roles and user experience for Multi-User App Ownership. If anyone has any further suggestions, please don’t hesitate to reach out to us.