Home

Configure custom roles

Before configuring the custom role, ensure to add that role to the role list. Refer to Add roles for RBAC.

Do the following to configure the custom roles that you have added:

  1. From the installation directory, run the following command to set Views and Data filters for a role.

    • Users

      <Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.role.<role>.users "<user3>,<user5>"
      
    • Groups

      <Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.role.<role>.groups "<group4>,<group5>"
      
    • Views

      <Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.role.<role>.views "view-id1, view-id2, view-id3"
      

      For example

      /opt/unravel/manager config properties set com.unraveldata.rbac.role.<role>.views "clusters.chargeback, compute, jobs"
      
    • Data Filters

      <Unravel installation directory>/unravel/manager config properties com.unraveldata.rbac.role.<role>.data.user.filter false
      <Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.role.<role>.data.tags.filter true
      <Unravel installation directory>/unravel/manager config properties /manager config properties set com.unraveldata.rbac.role.<role>.data.field.<field> "<field1>,<field2>, \$tags.rbac_<field>"
      

      For example:

      /opt/unravel/manager config properties com.unraveldata.rbac.role.role1.data.user.filter false
      /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.data.tags.filter true
      /opt/unravel/manager config properties /manager config properties set com.unraveldata.rbac.role.role1.data.field.queue "queue1, queue2, \$tags.rbac_queue"
      

    In <user>, you must specify the user you want to configure for the role.

    In <group>, specify the group you want to configure for the role.

    In <field>, you must specify the fields data filter you want to configure for the user role.

    In <view-id>, specify the view-id that you want to configure for the user role.

    For example:

    /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.users "user3,user5"
    /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.groups "group4, group5"
    /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.views "clusters.chargeback, compute, jobs"
    /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.data.user.filter false
    /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.data.tags.filter true
    /opt/unravel/manager config properties set com.unraveldata.rbac.role.role1.data.field.queue "queue1, queue2, \$tags.rbac_queue"
  2. Stop Unravel, apply the changes, and start Unravel.

    <Unravel installation directory>/unravel/manager stop then config apply then start