Configuring Role-based Access Control (RBAC)
With Role-based Access Control (RBAC), Unravel provides advanced access control for admins to restrict the views of Unravel UI and the access to app data based on the assigned roles. By default, this feature is not enabled. You must enable the RBAC feature.
Unravel supports the following roles for RBAC:
admin – has complete access to UI and data.
read-only admin – has complete access to the UI except for the Manage page and data.
user – have access to views and data assigned by an admin.
Custom roles – roles that you can configure in Unravel.
Enable RBAC
From the installation directory, run the following command to enable RBAC.
<Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.enabled true
Stop Unravel, apply the changes, and start Unravel.
<Unravel installation directory>/unravel/manager stop then config apply then start
Notice
The differences in the available roles when RBAC is disabled or enabled are listed in the following table:
RBAC Disabled | RBAC Enabled |
|---|---|
The default role is readonlyAdmin role. | The default role is user role. |
The following roles are available:
| The following roles are available:
|
Add roles
From the installation directory, run the following command to add roles:
<Unravel installation directory>/unravel/manager config properties set com.unraveldata.rbac.roles
<role1>,<role3>,<role2>Stop Unravel, apply the changes, and start Unravel.
<Unravel installation directory>/unravel/manager stop then config apply then start
Note
admin, readonlyAdmin, and user roles are reserved and will be ignored.