Role-based Access Control (RBAC) at Unravel
Overview of RBAC on Unravel
Enabling RBAC at Unravel ensures that users can only access data and features relevant to their assigned roles, enhancing data security and privacy. This section details the impact of RBAC on various Unravel pages with some examples, illustrating how access controls protect sensitive information and improve usability.
Certain pages in Unravel do not support RBAC by default. However, access to those pages can be restricted by configuring the Unravel properties. For more details on configuring the Unravel properties for the roles, see here.
Access control by roles and pages
The table below provides a detailed view of access levels and permissions for various pages and features based on user roles.
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Full access |
Non admin user | Not supported |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Full access |
Non admin user | RBAC enabled |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Full access |
Non admin user | RBAC enabled |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Full access |
Non-admin user | RBAC enabled |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Full access |
Non-admin user | Restricted view of the data by configuring the workspace filter |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Read-only access Does not have Run/Schedule/Edit/Delete access |
Non-admin | Not supported |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Read-only access |
Non-admin | Not supported |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | Read-only access Can start or stop the apps |
Non-admin user | Read-only access. |
Roles | Access |
|---|---|
Admin | Full access |
Read-only admin | No access |
Non-admin user | No access |
Admin User
Access to All Pages
Admins have unrestricted access to all Unravel pages by default.
Access to All Workspaces
Admins can view and manage all workspaces, regardless of their specific roles or permissions.
Access to All Workspaces in Inefficient Page
Admins can see inefficient clusters across all workspaces on the Inefficient page.
Non-admin users
The following scenarios give some examples of how you can restrict access to certain pages in Unravel for certain users.
Let's assume a user with Role 1 has permission to access the Cost Explorer, Compute, and Workflows pages. Role1 users have restricted access to specific pages such as Cost Explorer, Compute, and Workflows.
Let's assume a user with Role 2 has permission to access only the Compute and Workflows pages. Access is only to the Compute and Workflows pages in this scenario as shown in the following example:
This section gives examples of scenarios on how access for non-admin users can be restricted to certain workspaces and clusters.
The following image is an example where Role 1 users have access only to the ubs_test_ws1 workspace:
Here is another example of Role 2 user with access only to the prakash_ubs_test workspace:
