Hi,
Currently we are working on creating IAM policies in order to restrict Grail data for only one namespace. With logs and events there is no problem (ALLOW storage:events:read, storage:logs:read where storage:k8s.namespace.name = "namespace-name";)
When it comes to the metrics or entities, even creating the security_context does not have the intended effect.
There is a possibilty that it doesn't work because we dont have metrics in Grail enabled.
Does anybody faced the same "issue"?
Best Regards
Patryk