-
Task
-
Resolution: Done
-
Critical
-
1.3.0, 1.4.0
-
3
-
False
-
-
False
-
-
See https://docs.google.com/document/d/1hzho44sCs1Y-m4UTy2kDuZg_0jm8LNJXruJDusAQ4aI/edit
Book: Authorization
Overview: The customer has decided they need a prod/test environment. They want to set up access based on business needs e.g team-test, team-dev, team-ops, etc.
Roles:
- RHDH administrator (Chapter 1 &2).
- RHDH policy administrator (Chapters 3, 4, and 5)
In the Authorization book, you learnt how to authenticate users (that is, who they are).
In this book, learn how to authorize users to perform actions in RHDH (that is, what they can do in RHDH).
Role-Based Access Control (RBAC) is a security concept that controls access to resources in a system, and specifies a mapping between users of the system, and the actions they can perform on resources in the system.
You define roles with specific permissions, and then assign the roles to users and groups.
RBAC on RHDH is built on top of the Permissions framework in Backstage, which defines RBAC policies in code.
Rather than define policies in code, the RHDH RBAC feature allows you to define policies in a declarative fashion using a simple CSV based format.
To apply RBAC in RHDH:
- The RHDH administrator sets up the RBAC featrure:
- Enable the RBAC feature
- Configure Policy Administrators
- The RHDH policy administrator configures your RBAC policies:
- Define roles with specific permissions
- Assign the roles to users and groups
1.
|
[DOC] SME Review |
|
Closed | 
|
Fabrice Flore-Thébault |
2.
|
[DOC] QE Review |
|
Closed |
|
Unassigned |
3.
|
[DOC] Peer Review |
|
Closed |
|
Fabrice Flore-Thébault |
