Having unscoped access rights will never not be an issue. It’s an issue for functions and it’s and issue fir hosted extractors. We want to avoid all or nothing accesses, giving write access to all hosted extractors would never be acceptable, giving access to subset however could be an option.
And again, this goes for all resources that are not scoped. It greatly limits their usability in an production environment.
Markus Pettersen
Aker BP - Techniacal Domain Architect for CDF
Any resource in CDF with unscoped access control (e.g. all or nothing accesses) is considered an issue and a security risk. There are times when manual ad-hoc interventions are needed and giving a user global access is something we want to avoid, for example running a Cognite Function requires the user to have access to all functions in the CDF project and since they run with service principles this is a security risk.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Check the
documentation
Ask the
Community
Take a look
at
Academy
Cognite
Status
Page
Contact
Cognite Support