RBAC Role Update #
In this section, you will be able to configure various parameters for the roles and enable/disable permissions of actions over objects. You will also be able to see a table with all the available objects and their respective actions.
The image below shows a list of roles with various respective parameters which have been explained below.
Object. Is a role whose functionality will be mutated when you configure some settings using the listed actions.
Actions. These sets of instructions will change the functionality of a specified role.
After checking an action for the desired object, you will have to confirm the changes by clicking the Apply button at the bottom of the page.
Objects and their actions #
Each available object has its permissions shown once the expand button is clicked. Notice that the actions for the Activation Certificate or Factory Reset can only be performed by the root user.
Alias. It defines which actions a role can perform over the alias feature.
- Create. Allows creating a new alias.
- Delete. Allows deleting an existing alias.
- List. Allows listing created alias.
- Menu. Allows showing an alias in the web GUI’s menu.
- Modify. Allows modifying the configurations of an alias.
Backup. It defines which actions a role can perform over the backup feature.
- Apply. Allows applying changes to a backup.
- Create. Allows creating new backups.
- Delete. Allows deleting existing backups.
- Download. Allows downloading existing backups.
- Menu. Allows showing backup menus in web GUI.
- Upload. Allows uploading backups.
SSL Certificate. It defines which actions a role can perform over the SSL Certificate feature.
- Create. Allows creating new SSL certificates.
- Delete. Allows removing an existing SSL certificate.
- Download. Allows downloading existing SSL certificates.
- Menu. Allows showing an SSL certificates menu in web GUI.
- Show. Allows showing SSL certificates.
- Upload. Allows uploading SSL certificates to the appliance.
Cluster. It defines which actions a role can perform over the Cluster feature.
- Create. Enables creating a new cluster.
- Delete. Enables deleting an existing cluster.
- Maintenance. Enables the configurations for maintaining a given cluster’s functionality.
- Menu. Allows showing a cluster menu in web GUI.
- Modify. Allows modifying the configurations of a given cluster.
Farm. It defines which actions a role can perform over the farm feature. The user will only be able to manage farms defined for the user’s group.
- Action. Allows executing actions in farms.
- Create. Enables creating a new farm
- Delete. Enables deleting an existing farm.
- Maintenance. Allows putting the backends in maintenance.
- Menu. Allows showing the farms’ menus in web GUI.
- Modify. Allows modifying the configurations of a given farm.
Farmguardian. It defines which actions a role can perform over health checks. To apply a farmguardian to a farm, it is necessary to set permissions over farms and to have them defined for the users’ group.
- Menu. Allows showing farmguardian menu in web GUI.
- Modify. Allows creating, modifying, and deleting farmguardian checks.
Network. It defines which actions a role can perform over a given network. The virtual interfaces are an exception since they are managed by the virtual interfaces object.
- Action. Allows executing actions in networks.
- Menu. Allows showing network menus in the web GUI.
- Modify. Allows creating, modifying, and deleting any interface but virtual. Also allows executing actions over non-virtual interfaces.
Network Virtual Interface. It defines which actions a role can perform over virtual interfaces. The user will only be able to manage virtual interfaces assigned to the user’s group.
- Action. Allows executing actions in virtual interfaces.
- Create. Allows creating new virtual interfaces.
- Delete. Allows deleting existing virtual interfaces.
- Modify. Allows modifying the configurations of existing virtual interfaces.
IPDS. It defines which actions a role can perform over the IPDS rules. To apply a rule to a farm, the required object is farm to be defined in the user’s group.
- Action. Allows executing actions on the IPDS rules.
- Menu. Allows showing IPDS menus in web GUI.
- Modify. Allows creating, modifying, and deleting IPDS rules.
Let’s Encrypt. It defines which actions a role can perform over the Let’s Encrypt CA.
- Action. Allows executing actions in the Let’s encrypt section
- Create Allows creating new certificates in the Let’s encrypt section
- Delete. Allows deleting existing certificates in the Let’s encrypt section
- List. Allows showing a list of certificates in the let’s encrypt section
- Menu. Allows showing the Let’s encrypt menu in the web GUI
- Show. Allows showing the Let’s encrypt section.
Log. It defines which actions a role can perform over the load balancer logs.
- Download. Allows downloading logs.
- Menu. Allows showing logs menu in web GUI.
- Show. Allows showing logs.
Notification. It defines which actions a role can perform over the notifications: alerts and sent methods.
- Action. Allows executing actions in the notifications section.
- Menu. Allows showing notifications menu in web GUI.
- Modify. Allows modifying the notifications section.
- Show. Allows showing the notifications section.
- Test. Allows sending a test email from the notifications section.
RBAC Group. It defines which actions a role can perform over RBAC groups.
- Create. Allows creating RBAC groups.
- Delete. Allows deleting RBAC groups.
- List. Allows listing RBAC groups.
- Menu. Allows showing RBAC groups menu in web GUI.
- Modify. Allows modifying the configuration of RBAC groups.
- Show. Allows showing RBAC groups.
RBAC Role. It defines which actions a role can perform over the RBAC roles.
- Create. Allows creating new RBAC roles.
- Delete. Allows deleting existing RBAC roles.
- Menu. Allows showing RBAC roles in web GUI.
- Modify. Allows modifying RBAC roles.
- Show. Allows showing RBAC roles.
RBAC Settings. It defines which actions a role can perform over the settings in the RBAC Settings section.
- Action. Allows executing actions in the RBAC Settings Section.
- List. Allows listing RBAC settings
- Menu. Allows showing RBAC Settings in the web GUI.
- Modify. Allows modifying the configurations of the RBAC Settings.
- Show. Allows showing RBAC settings
RBAC User. It defines which actions a role can perform over the RBAC users.
- Create. Allows creating new RBAC users.
- Delete. Allows deleting existing RBAC users.
- List. Allows listing RBAC users.
- Menu. Allows showing RBAC users menu in web GUI.
- Modify. Allows modifying RBAC users.
- Show. Allows showing RBAC users.
Supportsave. It defines which actions a role can perform over Relianoid supportsave.
- Download. Allows downloading supportSaves files.
- Menu. Allows showing the downloading menu in web GUI.
System Service. It defines which actions a role can perform over remote and local services.
- Menu. Allows showing the System Service menu in web GUI.
- Modify. Allows modifying the system services section (System menu >> Local Services and Remote Services).
VPN. It defines which actions a role can perform over the VPN networks.
- Action. Allows executing actions in networks.
- Create. Allows creating new VPN networks.
- Delete. Allows deleting existing VPN networks
- Menu. Allows showing the VPN menu in the web gui
- Modify. Allows modifying the configurations of created VPN networks.