Resource-specific permissions for functions #215
Description
Right now, our functions are created with permissions to access all needed resources, primarily the object storage buckets and in future key-value storage tables (PR #214)
Instead, we could make SeBS more secure with two additions: allocate permissions only to objects we allocate (e.g. by using prefix sebs-{resource_id} everywhere), and give each function only permissions associated with resources for that specific benchmark.