How to share kubernetes groups between trusted clusters

In case if teleport connects multiple kubernetes clusters,
there is a way to send the kubernetes groups coming from the roles
of the main cluster to the remote cluster:

For example, main cluster can have a user
with a role ‘main’ and kubernetes groups:

kube_groups: ['system:masters']

and SSH logins:

logins: ['root']

Remote cluster can choose to map
this ‘main’ cluster to it’s own:
‘remote-admin’ cluster in the trusted cluster config:

role_map:
  - remote: 'main'
    local: 'remote-admin'

The role ‘remote-admin’ of the remote cluster
can now be templated to use the main cluster role main
logins and kubernetes_groups using variables:

logins: ['{{internal.logins}}']
kubernetes_groups: ['{{internal.kubernetes_groups}}']

This is possible because teleport now encodes
both values in X509 certificate metadata
and remote cluster passes these values as ‘internal’ traits
to the template engine.

Does this work for OSS (i.e. with Github connector) or only for Enterprise?

I’ve not tried it, but it looks like this is RBAC… so I would guess that it’s only for enterprise? https://gravitational.com/teleport/docs/trustedclusters/#rbac