Better control over Guest Users - Licensing
Problem to solve
** Customer Writes: **
There is no way to designate a user as being a guest.
A guest user in your licensing system is defined as a user without any permission other than a guest. This defined in the billing parameter as an absence creates a lot of issues in license compliance especially in the government space. Any Maintainer or Owner in the system can make users not a guest by adding them to their project. This creates and issues because this is in effect obligating the company to spend more money next year. There is no reason Maintainers should have this authorization in the company. There should be a way for admins to mark as user as a guest and no one but an admin should be able to override this. New auto-created users should get this flag by default. Without this feature, guest users in ultimate are either highly risky in terms of compliance or unusable.
Specifically, Gov't customers have strict licensing auditing requirements.
It seems the goal is to get a better handle and control over how/when and who is able to promote Guests.
I have several customers now working with a microservices architecture and they work with different vendors, developers, etc. The goal is not to restrict people from doing work but to keep a good track of why a guest was promoted (like what ability did they need that was not covered as a guest). Having this audited provides management the ability to say we need more funding in advance for the next go-around because more people are using the system for X reasons.
A few ways to approach.
- Allow a particular group of users to have this specific permission to promote Guests (either allow by exception or Deny by exception approach).
- Have a notification that appears that provides the owner or maintainer the ability to promote a guest and provide a reason. Let the person know what that means. And provide auditing of who and when this was done.
- Provide an option to says Guests in this project can not be promoted, but guests in this project can be.
Permissions and Security
Availability & Testing
What does success look like, and how can we measure that?
Success is improving the control over Guest Accounts in relation to licensing. Better awareness and notifications or better controls and restriction options or both.
What is the type of buyer?
Is this a cross-stage feature?
Depending on the approach. Yes, this change will affect Licensing, UI changes, Internal changes to auditing, etc.
Links / references