▲ 2 r/Citrix
CSP DAAS Multi Tennant Permission issues with Citrix Policy
Is anyone running into issues with newer multi-tenant deployments? It doesn’t appear that there’s a way to scope Citrix policies to a specific tenant. As a result, tenant-only administrators can see and update all policies across the entire multi-tenant environment.
This creates a significant security and operational risk. Based on the documentation I’ve reviewed, there doesn’t seem to be a workaround for this limitation.
Has anyone come up with a creative solution? At the moment, I can’t use tenant administrator roles because they provide cross-account visibility and management, which isn’t acceptable for our use case.
u/Abject_Plant8234 — 11 days ago