Erich Blume
3e2e9ecb80
The previous commit incorrectly assumed autogroup:admin and dst:["*"] didn't work. The actual issue was that tagging gilbert converted it from a user-owned device to a tagged device, losing user identity. Now that gilbert remains untagged, autogroup:admin works correctly. This simplifies the policy and allows future admins to inherit access. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| __main__.py | ||
| policy.hujson | ||
| Pulumi.tail8d86e.yaml | ||
| Pulumi.yaml | ||
| pyproject.toml | ||