Skip to main content

Home

Configuring Role-based Access Control (RBAC)

With Role-based Access Control (RBAC), Unravel provides advanced access control for admins to restrict the views of Unravel UI and the access to app data based on the assigned roles. By default, this feature is not enabled. You must enable the RBAC feature.

Unravel supports the following roles for RBAC:

  • admin – has complete access to UI and data.

  • read-only admin – has complete access to the UI except for the Manage page and data.

  • user – have access to views and data assigned by an admin.

  • Custom roles – roles that you can configure in Unravel.

Enable RBAC
  1. From the installation directory, run the following command to enable RBAC.

    <Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.enabled true
    
  2. Stop Unravel, apply the changes, and start Unravel.

    <Unravel installation directory>/unravel/manager stop then config apply then start
    

Notice

The differences in the available roles when RBAC is disabled or enabled are listed in the following table:

RBAC Disabled

RBAC Enabled

The default role is readonlyAdmin role.

The default role is user role.

The following roles are available:

  • admin

  • readonlyAdmin

The following roles are available:

  • admin

  • readonlyAdmin

  • user

  • Custom roles

Add roles
  1. From the installation directory, run the following command to add roles:

    <Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.roles <role1>, <role3>, <role2>
    
  2. Stop Unravel, apply the changes, and start Unravel.

    <Unravel installation directory>/unravel/manager stop then config apply then start
    

Note

admin, readonlyAdmin, and user roles are reserved and will be ignored.