Murano/Specifications/Per Tenant Isolation
Per-Tenant Isolation (for Murano-v0.4)
Murano Metadata Repository Server was introduced in Murano-v0.4 release. But there is no any restrictions: any user is able to edit any service definition or file. To prevent that new per-tenant isolation feature would be added to murano-v0.4.1 release.
Now all files grouped by data types are stored in corresponding directories. All those directoriesare located inside "Servicies" derectory along with manifests files (service definitions). Since Metadata Server works on file system the best solution for data isolation would be dividing data into a separate folders. Each tenant for an each user. Users belong to the same tenant will have equal rights on files modification,.