Chapter 4. Managing role-based access controls (RBAC) using the Red Hat Developer Hub Web UI
Administrators can use the Developer Hub web interface (Web UI) to allocate specific roles and permissions to individual users or groups. Allocating roles ensures that access to resources and functionalities is regulated across the Developer Hub.
With the administrator role in Developer Hub, you can assign permissions to users and groups, which allow users or groups to view, create, modify, and delete the roles using the Developer Hub Web UI.
To access the RBAC features in the Web UI, you must install and configure the @janus-idp/backstage-plugin-rbac plugin as a dynamic plugin. For more information about installing a dynamic plugin, see Configuring plugins in Red Hat Developer Hub.
After you install the @janus-idp/backstage-plugin-rbac plugin, the Administration option appears at the bottom of the sidebar. When you can click Administration, the RBAC tab appears by default, displaying all of the existing roles created in the Developer Hub. In the RBAC tab, you can also view the total number of users, groups, and the total number of permission policies associated with a role. You can also edit or delete a role using the Actions column.
4.1. Creating a role in the Red Hat Developer Hub Web UI
You can create a role in the Red Hat Developer Hub using the Web UI.
Prerequisites
- You have an administrator role in the Developer Hub.
-
You have installed the
@janus-idp/backstage-plugin-rbacplugin in Developer Hub. For more information, see Configuring plugins in Red Hat Developer Hub. - You have configured the required permission policies. For more information, see Section 2.1, “Permission policies configuration”.
Procedure
Go to Administration at the bottom of the sidebar in the Developer Hub.
The RBAC tab appears, displaying all the created roles in the Developer Hub.
- (Optional) Click any role to view the role information on the OVERVIEW page.
- Click CREATE to create a role.
- Enter the name and description of the role in the given fields and click NEXT.
- Add users and groups using the search field, and click NEXT.
- Select Plugin and Permission from the drop-downs in the Add permission policies section.
- Select or clear the Policy that you want to set in the Add permission policies section, and click NEXT.
- Review the added information in the Review and create section.
- Click CREATE.
Verification
The created role appears in the list available in the RBAC tab.
4.2. Editing a role in the Red Hat Developer Hub Web UI
You can edit a role in the Red Hat Developer Hub using the Web UI.
The policies generated from a policy.csv or ConfigMap file cannot be edited or deleted using the Developer Hub Web UI.
Prerequisites
- You have an administrator role in the Developer Hub.
-
You have installed the
@janus-idp/backstage-plugin-rbacplugin in Developer Hub. For more information, see Configuring plugins in Red Hat Developer Hub. - You have configured the required permission policies. For more information, see Section 2.1, “Permission policies configuration”.
- The role that you want to edit is created in the Developer Hub.
Procedure
Go to Administration at the bottom of the sidebar in the Developer Hub.
The RBAC tab appears, displaying all the created roles in the Developer Hub.
- (Optional) Click any role to view the role information on the OVERVIEW page.
- Select the edit icon for the role that you want to edit.
- Edit the details of the role, such as name, description, users and groups, and permission policies, and click NEXT.
- Review the edited details of the role and click SAVE.
After editing a role, you can view the edited details of a role on the OVERVIEW page of a role. You can also edit a role’s users and groups or permissions by using the edit icon on the respective cards on the OVERVIEW page.
4.3. Deleting a role in the Red Hat Developer Hub Web UI
You can delete a role in the Red Hat Developer Hub using the Web UI.
The policies generated from a policy.csv or ConfigMap file cannot be edited or deleted using the Developer Hub Web UI.
Prerequisites
- You have an administrator role in the Developer Hub.
-
You have installed the
@janus-idp/backstage-plugin-rbacplugin in Developer Hub. For more information, see Configuring plugins in Red Hat Developer Hub. - You have configured the required permission policies. For more information, see Section 2.1, “Permission policies configuration”.
- The role that you want to delete is created in the Developer Hub.
Procedure
Go to Administration at the bottom of the sidebar in the Developer Hub.
The RBAC tab appears, displaying all the created roles in the Developer Hub.
- (Optional) Click any role to view the role information on the OVERVIEW page.
Select the delete icon from the Actions column for the role that you want to delete.
Delete this role? pop-up appears on the screen.
- Click DELETE.
