Chapter 1. Red Hat Insights policies service overview
Policies evaluate system configurations in your environment, and can send notifications when changes occur. Policies you create are applicable to all systems in your Insights inventory. You can create and manage policies using the Red Hat Insights for Red Hat Enterprise Linux user interface in the Red Hat Hybrid Cloud Console, or using the Insights API.
Policies can assist you by managing tasks such as:
- Raising an alert when particular conditions occur in your system configuration.
- Emailing a team when security packages are out of date on a system.
Using policies to monitor configuration changes in your inventory and notifying by email requires:
- Setting user email preferences (if not already set).
- Creating a policy to detect configuration changes as a trigger and selecting email as the trigger action.
- Configure User Access in Red Hat Hybrid Cloud Console > the Settings icon (⚙) > Identity & Access Management > User Access > Users.
- See User Access Configuration Guide for Role-based Access Control (RBAC) for more information about this feature and example use cases.
1.1. User Access settings in the Red Hat Hybrid Cloud Console
All users on your account have access to most of the data in Insights for Red Hat Enterprise Linux.
1.1.1. Predefined User Access groups and roles
To make groups and roles easier to manage, Red Hat provides two predefined groups and a set of predefined roles.
1.1.1.1. Predefined groups
The Default access group contains all users in your organization. Many predefined roles are assigned to this group. It is automatically updated by Red Hat.
If the Organization Administrator makes changes to the Default access group its name changes to Custom default access group and it is no longer updated by Red Hat.
The Default admin access group contains only users who have Organization Administrator permissions. This group is automatically maintained and users and roles in this group cannot be changed.
1.1.2. User Access roles for the Policies service
The following predefined roles on the Red Hat Hybrid Cloud Console enable access to policies features in Insights for Red Hat Enterprise Linux:
- Policies administrator role. The Policies administrator role provides read and write access allowing these users to perform any available operation on policies resources. This predefined role is in the Default admin access group.
- Policies viewer role. The Policies viewer role provides read-only access. (If your organization determines that the default configuration of the Policies viewer role is inadequate, a User Access administrator can create a custom role with the specific permissions that you need.) This predefined role is in the Default access group.
If you configured groups before April 2023, any user who was not an Organization Administrator will have the Policies administrator role replaced with the Policies viewer role. Modifications made to the Default access group before April are not changed.
Additional Resources
- How to use User Access in the User Access Configuration Guide for Role-based Access Control (RBAC).
- Predefined User Access roles
