mirror of
https://github.com/netdata/netdata.git
synced 2025-04-13 17:19:11 +00:00
RBAC for dynamic configuration documentation (#17861)
Co-authored-by: Ilya Mashchenko <ilya@netdata.cloud>
This commit is contained in:
Fotis Voutsas
GitHub
parent
87682c5e8f
commit
57cff4c8ec
2 changed files with 44 additions and 26 deletions
docs
netdata-agent/configuration
netdata-cloud/authentication-and-authorization
|
|
@ -9,7 +9,9 @@ The Dynamic Configuration Manager allows direct configuration of collectors and
|
|||
|
||||
**Cloud Connection and Security**: Nodes using Dynamic Configuration Manager require a connection to Netdata Cloud. This ensures proper permission handling and data security.
|
||||
|
||||
**Permissions**: Admins and Managers can view, edit, and submit configurations within the UI.
|
||||
> **Info**
|
||||
>
|
||||
> To understand what actions users can perform based on their role, refer to the [Role Based Access documentation](/docs/netdata-cloud/authentication-and-authorization/role-based-access-model.md#dynamic-configuration-manager).
|
||||
|
||||
## Collectors
|
||||
|
||||
|
|
|
|||
|
|
@ -7,13 +7,13 @@ Netdata Cloud's role-based-access mechanism allows you to control what functiona
|
|||
With the advent of the paid plans we revamped the roles to cover needs expressed by Netdata users, like providing more limited access to their customers, or
|
||||
being able to join any Room. We also aligned the offered roles to the target audience of each plan. The end result is the following:
|
||||
|
||||
| **Role** | **Community** | **Homelab** | **Business** | **Enterprise On-Premise** |
|
||||
|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------|:-------------------|:-------------------|:--------------------------|
|
||||
| **Role** | **Community** | **Homelab** | **Business** | **Enterprise On-Premise** |
|
||||
|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------|:-------------------|:-------------------|:--------------------------|
|
||||
| **Admins**<p>Users with this role can control Spaces, Rooms, Nodes, Users and Billing.</p><p>They can also access any Room in the Space.</p> | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Managers**<p>Users with this role can manage Rooms and Users.</p><p>They can access any Room in the Space.</p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Troubleshooters**<p>Users with this role can use Netdata to troubleshoot, not manage entities.</p><p>They can access any Room in the Space.</p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Observers**<p>Users with this role can only view data in specific Rooms.</p>💡 Ideal for restricting your customer's access to their own dedicated rooms.<p></p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Billing**<p>Users with this role can handle billing options and invoices.</p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Troubleshooters**<p>Users with this role can use Netdata to troubleshoot, not manage entities.</p><p>They can access any Room in the Space.</p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Observers**<p>Users with this role can only view data in specific Rooms.</p>💡 Ideal for restricting your customer's access to their own dedicated rooms.<p></p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Billing**<p>Users with this role can handle billing options and invoices.</p> | - | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| **Member** ⚠️ Legacy role<p>Users with this role you can create Rooms and invite other Members.</p><p>They can only see the Rooms they belong to and all Nodes in the All Nodes Room.</p> | - | - | - | - |
|
||||
|
||||
## Which functionalities are available for each role?
|
||||
|
|
@ -74,20 +74,20 @@ In more detail, you can find on the following tables which functionalities are a
|
|||
|
||||
### Notifications Management
|
||||
|
||||
| **Functionality** | **Admin** | **Manager** | **Troubleshooter** | **Observer** | **Billing** | **Member** | Notes |
|
||||
|:--------------------------------------------------------------------------|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| See all configured notifications on a Space | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | :heavy_check_mark: | |
|
||||
| Add new configuration | :heavy_check_mark: | - | - | - | - | - | |
|
||||
| Enable/Disable configuration | :heavy_check_mark: | - | - | - | - | - | |
|
||||
| Edit configuration | :heavy_check_mark: | - | - | - | - | - | Some exceptions apply depending on [service level](/docs/alerts-and-notifications/notifications/centralized-cloud-notifications/manage-notification-methods.md#available-actions-per-notification-methods-based-on-service-level) |
|
||||
| Delete configuration | :heavy_check_mark: | - | - | - | - | - | |
|
||||
| Edit personal level notification settings | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | [Manage user notification settings](/docs/alerts-and-notifications/notifications/centralized-cloud-notifications/manage-notification-methods.md#manage-user-notification-settings) |
|
||||
| See space alert notification silencing rules | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | - | - | |
|
||||
| Add new space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| Enable/Disable space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| Edit space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| Delete space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| See, add, edit or delete personal level alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | - | |
|
||||
| **Functionality** | **Admin** | **Manager** | **Troubleshooter** | **Observer** | **Billing** | **Member** | Notes |
|
||||
|:--------------------------------------------------------------------------|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| See all configured notifications on a Space | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | :heavy_check_mark: | |
|
||||
| Add new configuration | :heavy_check_mark: | - | - | - | - | - | |
|
||||
| Enable/Disable configuration | :heavy_check_mark: | - | - | - | - | - | |
|
||||
| Edit configuration | :heavy_check_mark: | - | - | - | - | - | Some exceptions apply depending on [service level](/docs/alerts-and-notifications/notifications/centralized-cloud-notifications/manage-notification-methods.md#available-actions-per-notification-method-based-on-service-level) |
|
||||
| Delete configuration | :heavy_check_mark: | - | - | - | - | - | |
|
||||
| Edit personal level notification settings | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | [Manage user notification settings](/docs/alerts-and-notifications/notifications/centralized-cloud-notifications/manage-notification-methods.md#manage-user-notification-settings) |
|
||||
| See space alert notification silencing rules | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | - | - | |
|
||||
| Add new space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| Enable/Disable space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| Edit space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| Delete space alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | |
|
||||
| See, add, edit or delete personal level alert notification silencing rule | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | - | |
|
||||
|
||||
> **Note**
|
||||
>
|
||||
|
|
@ -106,12 +106,12 @@ In more detail, you can find on the following tables which functionalities are a
|
|||
|
||||
### Functions
|
||||
|
||||
| **Functionality** | **Admin** | **Manager** | **Troubleshooter** | **Observer** | **Billing** | **Member** | Notes |
|
||||
| :-- | :--: | :--: | :--: | :--: | :--: | :--: | :-- |
|
||||
| See all functions in Room | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | :heavy_check_mark: |
|
||||
| Run any function in Room | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| Run read-only function in Room | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | :heavy_check_mark: | |
|
||||
| Run sensitive function in Room | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | There isn't any function on this category yet, so subject to change. |
|
||||
| **Functionality** | **Admin** | **Manager** | **Troubleshooter** | **Observer** | **Billing** | **Member** | Notes |
|
||||
|:-------------------------------|:------------------:|:------------------:|:------------------:|:------------------:|:-----------:|:------------------:|:---------------------------------------------------------------------|
|
||||
| See all functions in Room | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | :heavy_check_mark: |
|
||||
| Run any function in Room | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| Run read-only function in Room | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | - | :heavy_check_mark: | |
|
||||
| Run sensitive function in Room | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - | There isn't any function on this category yet, so subject to change. |
|
||||
|
||||
### Events feed
|
||||
|
||||
|
|
@ -130,6 +130,22 @@ In more detail, you can find on the following tables which functionalities are a
|
|||
| Manage payment methods | :heavy_check_mark: | - | - | - | :heavy_check_mark: | - | |
|
||||
| Update billing email | :heavy_check_mark: | - | - | - | :heavy_check_mark: | - | |
|
||||
|
||||
### Dynamic Configuration Manager
|
||||
|
||||
Netdata Cloud paid subscription required for all action except "List All".
|
||||
|
||||
| **Functionality** | **Admin** | **Manager** | **Troubleshooter** | **Observer** | **Billing** | **Member** |
|
||||
|:--------------------------------------|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|:------------------:|
|
||||
| List All (see all configurable items) | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
|
||||
| Enable/Disable | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| Add | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| Update | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| Remove | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| Test | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| View | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
| View File Format | :heavy_check_mark: | :heavy_check_mark: | - | - | - | - |
|
||||
|
||||
|
||||
### Other permissions
|
||||
|
||||
| **Functionality** | **Admin** | **Manager** | **Troubleshooter** | **Observer** | **Billing** | **Member** |
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue