Skip to content

Resource Capabilities

Explanation on Resource Capabilities

The Resource Capabilities are a mechanism to assigne specific access permissions to an individual users instead of a whole group. The permissions can be fine grained.

The Resource Capabilities can be used by services to perform authorization decision.

Examples

A Resource Capability can be:

  • read permission to a single file
  • reboot permissions for VMs at an virtualization environment
  • usage of a service

Limitations on Helmholtz ID

If the Resource Capabilities are managed on Helmholtz ID, they can be only used for granting access to a service. Fine-grained access permission on file-level are not possible at the moment.

At the moment the Resource Capabilities are managed in the same way like a VO. You (as a service operator) can request the Resource Capability for your service like a VO, but mention that you want to have a Resource Capability.

Need help?

Contact us if you need help.