Role Based Access

Hi,

I’m new to PowerShell Universal and want to achieve Role-Based Access in my environment.

I have added some tags and access controls based on the added tags. The access controls have been assigned to roles.

I want to achieve the following goals:

  • Allow the user to create new scripts in a desired folder
  • Allow the user to view, edit, and execute scripts based on access control tags
  • Auto assign Access Control tag to newly created scripts

At this moment, I have the following configuration:

  1. Added tags “AC Workspace Engineers” and “AC Database Engineers”
  2. Added roles “Workspace Engineers” and “Database Engineers”
  3. Added access controls “Workspace Engineers” and “Database Engineers” with the following permissions: Create, Edit, View, and Execute
  4. Added two users: “Workspace Engineer” with the role “Workspace Engineers” and a user “Database Engineer” assigned to the role “Database Engineers.”

When I log in with one of the two users, I can’t add any script.

When I add both users to the Operator role too, they can create new scripts and assign them to a desired tag. However, the user “Database Engineer” can do everything with the script created by “Workspace Engineer,” and vice versa.

This is not desirable.

2 Likes

I wonder if this is possible or if anyone else has this working?

I’ve been having great difficulty generally with RBAC on v5.
On v4 I was able to at least tag things and have only the menu items appear that were relevant to the users based on their permissions. In v5 I'm just struggling generally and things don't seem to work as expected. I think the whole permission/RBAC side of things needs a bit of work.

1 Like