Consider different alternatives:
- Validate access on the worker itself
- Use a separate service to validate the access and populate group/role membership in the token which is later validated on the worker side.
Take a look at the https://github.com/Snowflake-Labs/sansshell to check how it can be implemented.
Consider different alternatives:
Take a look at the https://github.com/Snowflake-Labs/sansshell to check how it can be implemented.