Add a APIExport controller to manage bindable APIExports in user FGA stores

# Context

Today any APIExport can be bound in any workspace. With this feature we would like to prepare to have more fine grained control on where API's can be bound.

# Desired State

- Add a new controller that reconciles APIExports. Each APIExport should be added as a tuple into the user fga store
- Adjust the core fga schema to contain a new type along those lines
```
  type bindable_apis_kcp_io_apiexport
    relations
      define parent: [core_platform-mesh_io_account]
      define bind: [role#assignee] or owner or member from parent
```
- Also cover finalization to remove the tuple in case of apiexport deletion

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add a APIExport controller to manage bindable APIExports in user FGA stores #228

Context

Desired State

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add a APIExport controller to manage bindable APIExports in user FGA stores #228

Description

Context

Desired State

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions