Chapter 2. Determining permission policy and role configuration source
You can configure Red Hat Developer Hub policy and roles by using different sources. To maintain data consistency, Developer Hub associates each permission policy and role with one unique source. You can only use this source to change the resource.
The available sources are:
- Configuration file
Configure roles and policies in the Developer Hub
app-config.yamlconfiguration file, for instance to declare your policy administrators.The Configuration file pertains to the default
role:default/rbac_adminrole provided by the RBAC plugin. The default role has limited permissions to create, read, update, delete permission policies or roles, and to read catalog entities.NoteIn case the default permissions are insufficient for your administrative requirements, you can create a custom admin role with the required permission policies.
- REST API
- Configure roles and policies by using the Developer Hub Web UI or by using the REST API.
- CSV file
- Configure roles and policies by using external CSV files.
- Legacy
The legacy source applies to policies and roles defined before RBAC backend plugin version
2.1.3, and is the least restrictive among the source location options.ImportantReplace the permissions and roles using the legacy source with the permissions using the REST API or the CSV file sources.
Procedure
-
To determine the source of a role or policy, use a
GETrequest.
