Please review JIRA-11350 (https://issues.apache.org/jira/browse/AMBARI-11350) and the attached PDF (https://issues.apache.org/jira/secure/attachment/12771480/AmbariRole-basedAccessControl.pdf). They contain details about adding role-based access control to the Ambari Server.
Currently we support a few levels a course grained permissions (Ambari Administrator, Cluster Operator, etc…); however this is limited and we need finer grain control over access to administrator and user features. The short term implementation details do not fully allow for customized roles. I believe in the long term this is where the product will be headed – so some implementation details were structured to allow for such enhancements. Please comment by 11/11 so we can get started on the implementation. Thanks, Rob
