Entities Illustration
The following page will walk through an example which ties the concepts of Fuzzball organizations, users, and accounts together. Consider the example below:
The following diagram shows a Fuzzball deployment which consists of Organization X.
Organization X contains users User 1, User 2, and User 3. User 1 is the organization owner which gives them control of the organization, it’s members, accounts within the organization, account owners, and account members. User 2 and User 3 are organization members. By default, each user is a member and owner of their own user account.
User 1, being the organiztion owner, has created accounts Account A and Account B. They have
added themself as the account owner of Account A and User 2 as the account owner of
Account B. Within Account A, User 1, being the account owner, has created storage
volume volume://account/persistent_volumeA and
secret secret://account/oci_registry_secretA. Within Account B, User 2, being the account
owner of Account B, has created storage volume volume://account/persistent_volumeB and secret
secret://account/oci_registry_secretB.
User 3 has been added as an account member of Account A and Account B. When User 3
is using Account A, they will be able to leverage storage volume
volume://account/persistent_volumeA, secret secret://account/oci_registry_secretA, and see
workflows submiited by User 1. When User 3
is using Account B, they will be able to leverage storage volume
volume://account/persistent_volumeB, secret secret://account/oci_registry_secretB, and see
workflows submiited by User 2.
Since User 1 is not a member of Account B, they cannot access storage volume
volume://account/persistent_volumeB, secret secret://account/oci_registry_secretB, and any
workflow/Fuzzfile executed within Account B. Since
User 2 is not a member of Account A, they cannot access storage volume
volume://account/persistent_volumeA, secret secret://account/oci_registry_secretA, and any
workflow/Fuzzfile executed within Account A.