包阅导读总结
1.
关键词:Supabase、Platform Access Control、Granular Access、Role-Based Access Control、Permissions
2.
总结:Supabase 推出新的平台访问控制功能,包括更精细的访问权限设置,可针对特定项目赋予用户权限,提供基于角色的访问控制,介绍了不同角色及其权限,方便管理,保障安全,可查看文档了解更多并开始使用。
3.
主要内容:
– Supabase 致力于为开发者提供安全可靠的应用构建工具
– 最新更新聚焦平台访问控制
– 新的平台访问控制功能
– 推出新的精细访问控制特性,可针对特定项目赋予用户权限而非整个组织
– 弥补平台级访问管理的缺口,提供基于角色的访问控制及管理 API
– 权限角色及说明
– 所有者:完全控制
– 管理员:类似所有者,有部分限制
– 开发者:可修改内容,不能修改设置
– 只读:仅查看,不能修改
– 相关建议与操作
– 可查看访问控制文档了解更多权限动作
– 利用新功能保障成员权限合适,降低风险,优化流程,维持项目安全
– 成长型团队可考虑升级企业计划,充分利用新工具
– 查看更新文档开始使用新功能
思维导图:
文章地址:https://supabase.com/blog/platform-access-control
文章来源:supabase.com
作者:Supabase Blog
发布时间:2024/8/16 0:00
语言:英文
总字数:363字
预计阅读时间:2分钟
评分:88分
标签:Supabase,平台访问控制,基于角色的访问控制,安全,开发者工具
以下为原文内容
本内容来源于用户推荐转载,旨在分享知识与观点,如有侵权请联系删除 联系邮箱 media@ilingban.com
At Supabase, we’re constantly striving to provide the tools developers need to build secure, reliable applications. Our latest update focuses on an area that’s critical to both security and reliability: Platform Access Control.
We’re excited to announce the rollout of our new granular access control features which allows giving users access to specific projects instead of the entire organization.
Managing who can access what within your project isn’t just a convenience — it’s essential for maintaining security and ensuring that your software development lifecycle (SDLC) is followed and availability guarantees are met. While Supabase already provides a robust data security framework through Row-Level Security (RLS), we recognized a gap when it came to managing platform-level access. Our new Platform Access Control feature fills that gap by offering Role-Based Access Control (RBAC) to the Supabase platform and management APIs.
With Platform Access Control, Supabase now offers a way to manage permissions at the both the organization and project levels.
A user can either have permissions assigned for the whole organization or for specific projects. The roles remain the same as before:
- Owner: Full control over everything
- Administrator: Similar to the Owner role with some restrictions on update organization settings, transferring projects and modifying owners.
- Developer: Cannot modify any settings but has full access to modifying the content like updating the database, uploading storage objects, etc.
- Read-Only: Ideal for stakeholders or team members who need visibility into the project without the ability to make changes.
For a more exhaustive list of actions allowed for each role, check out the access control docs.
With these new features, Supabase is making it easier than ever to ensure that every team member has the right level of access. By assigning specific roles, you can reduce the risk of accidental changes, streamline workflows, and maintain a high level of security across your projects. If you’re part of a growing team, consider upgrading to an Enterprise Plan to take full advantage of these powerful new tools.
To start using the new Platform Access Control features, check out our updated documentation here.
