Organization Limits #380

New issue

Open

opened 2026-01-29 14:56:36 +00:00 by tobru · 0 comments

tobru commented

2026-01-29 14:56:36 +00:00

Owner

Stories

As a platform operator, I want to set limits for an organization

Implementation Notes

For several reasons, we need to be able to define limits on an organization level, for example for demo accounts or abuse prevention. This issue is to implement the core feature of organization limits.

Introduce a new model "Organization Limits" which allows to configure multiple "limit profiles", which can then be assigned to an organization to enforce the configured limits.

An organization can only have one limits profile assigned. When changing the limits profile, it must be checked first against the new profile if the current usage can be enforced by the new limits. If not, deny the change with an appropriate informational message.

Limitations to enforce in a profile:

Maximum number of service instances allowed
List of available service offerings
Limitation of available compute plans
Organization validity in number of days from the date of creation

When a limitation isn't configured, it's "unlimited"

These limitations need to be shown to the user in the organization details view.

Thought: This has some overlap with what we configure on organization origins, especially "Limit to these Cloud providers". We might want to move these settings over from organization origin to organization limits. But for now, I propose to not do it and just be aware that there is some overlap.

## Stories _As a platform operator, I want to set limits for an organization_ ## Implementation Notes For several reasons, we need to be able to define limits on an organization level, for example for demo accounts or abuse prevention. This issue is to implement the core feature of organization limits. Introduce a new model "Organization Limits" which allows to configure multiple "limit profiles", which can then be assigned to an organization to enforce the configured limits. An organization can only have one limits profile assigned. When changing the limits profile, it must be checked first against the new profile if the current usage can be enforced by the new limits. If not, deny the change with an appropriate informational message. Limitations to enforce in a profile: * Maximum number of service instances allowed * List of available service offerings * Limitation of available compute plans * Organization validity in number of days from the date of creation When a limitation isn't configured, it's "unlimited" These limitations need to be shown to the user in the organization details view. Thought: This has some overlap with what we configure on organization origins, especially "Limit to these Cloud providers". We might want to move these settings over from organization origin to organization limits. But for now, I propose to not do it and just be aware that there is some overlap.