Role to access session recordings from other users #12901
-
|
Hello I would like to ask is it possible to create a role to access session recordings from other users. Now it's impossible to view other users' recordings with default teleport-admin roles (access, editor). Can you help me with some documentation or reference? Teleport version: v9.2.4 |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
|
This is the default role that allows a user to view their own session recordings: kind: role
metadata:
name: view-own-recordings
spec:
allow:
rules:
- resources:
- session
verbs:
- read
- list
where: contains(session.participants, user.metadata.name)
deny: {}
version: v5You can modify this role by removing the kind: role
metadata:
name: view-all-recordings
spec:
allow:
rules:
- resources:
- session
verbs:
- read
- list
deny: {}
version: v5 |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for the quick response! |
Beta Was this translation helpful? Give feedback.
-
|
Please apply above role to the user. To verify if the permissions have been updated, the user will need to log out and log back in to see the changes take effect. |
Beta Was this translation helpful? Give feedback.
This is the default role that allows a user to view their own session recordings:
You can modify this role by removing the
whereclause to allow ALL session recordings to be viewed: