-
Task
-
Resolution: Done
-
Critical
-
1.4
-
3
-
False
-
-
False
-
RHIDP-2555 - RHDH docs restructure-tracker
-
-
Chapter 2: Configuring policy administrators
- AI [Docs] Blend https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.2/html-single/authorization/index#con-rbac-config-permission-policies-admin_title-authorization and https://redhatquickcourses.github.io/devhub-admin/devhub-admin/1/chapter2/rbac.html#_lab_configure_policy_administrators
- DONE AI [SME/Docs] to be more directive, keep only one configuration method, and drop the section “Configuration of permission policies defined in an external file” https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.2/html-single/authorization/index#con-rbac-config-permission-policies-external-file_title-authorization => OK
Declare policy administrators to allow a certain limited number of authenticated users to configure RBAC policies by using the REST API or the Web UI, rather than editing the CSV file.
The actual policies are defined in a separate CSV file and referenced in the app-config-rhdh ConfigMap.
Prerequisites
- You enabled an authentication provider.
- You enabled the RBAC plugin.
- You have administrative access to the OpenShift project or Kubernetes namespace where RHDH is running.
Procedure
- To declare users as policy administrators, add the following permission attribute to the app-config-rhdh ConfigMap (At the same indentation level as the app and below the catalog attribute). Ensure that you added a valid authenticated user for the admin.users attribute:
permission:
enabled: true
rbac:
admin:
users:
- name: user:default/rsriniva
- Sign out from the existing RHDH session and log in again using the GitHub ID of the declared policy administrator.
- Navigate to the Catalog page in RHDH. Note that the Create button is not visible. You are not allowed to create new components.
- Next, try navigating to the API page. The Register button is not visible. With RBAC enabled, most features are disabled by default. You need to explicitly enable permissions to resources in RHDH.
- is duplicated by
-
RHIDP-4424 Close gaps in RBAC documentation to improve initial setup and configuration UX
- Closed
- links to
1.
|
[DOC] SME Review | Closed | Fabrice Flore-Thébault | ||
2.
|
[DOC] QE Review | Closed | Unassigned | ||
3.
|
[DOC] Peer Review | Closed | Fabrice Flore-Thébault |