Role-based Access Control

Access Management helps you manage who has access to the specific topology elements, UI elements, and which APIs they can call.

RBAC is an authorization system that provides fine-grained access management of SUSE Observability resources, a clean and easy way to audit user privileges and to fix identified issues with access rights.

What can I do with RBAC?

Here are some examples of what you can do with RBAC:

• Allow one user to have access to the development cluster only, another one to both the production and development cluster and a third can access the development cluster and only 1 namespace in the production cluster.

• Give a small group of users an administrator role to setup and configure SUSE Observability. While giving all developers a troubleshooter role to view all topology, metrics, logs and events, but with limited configuration capability.

What's a role in SUSE Observability?

A role in SUSE Observability is a combination of a configured subject and a set of permissions. Process of setting up a role in SUSE Observability is described in How to set up roles.

More on RBAC configuration

• Permissions

• How to set up roles

• Scopes

• How to configure authentication