generated from redhat-developer/new-project-template
-
Notifications
You must be signed in to change notification settings - Fork 58
RHIDP-1848: Updates the setting up RBAC permission #906
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
hmanwani-rh
merged 5 commits into
redhat-developer:main
from
jmagak:RHIDP-1848-Add-instructions-for-setting-up-RBAC-perms-and-authentication-for-Guest-users
Feb 28, 2025
Merged
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
b95b3f7
Updates the setting up RBAC permission
invalid-email-address ef6eac1
Update the setting up RBAC permission
invalid-email-address f3372d2
Update the setting up RBAC permission
invalid-email-address 5799bea
Update the setting up RBAC permission
invalid-email-address 825e906
Incorporate suggestions
invalid-email-address File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
58 changes: 58 additions & 0 deletions
58
modules/authorization/proc-enabling-guest-access-for-rbac-frontend-plugin.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| [id="enabling-guest-access-for-the-rbac-frontend-plugin_{context}"] | ||
| = Enabling guest access for the RBAC frontend plugin | ||
|
|
||
| Use guest access for the Role-Based Access Control (RBAC) frontend plugin to test and develop, except in production. To enable the guest access for the RBAC frontend, configure the backend plugin and set up the guest authentication provider. | ||
jmagak marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| .Prerequisites | ||
| * You have installed the `@janus-idp/backstage-plugin-rbac` plugin in {product-short}. For more information, see link:{plugins-configure-book-url}[{plugins-configure-book-title}]. | ||
|
|
||
| .Procedure | ||
|
|
||
| To configure the RBAC backend plugin, complete the following steps: | ||
|
|
||
| Update the `app-config.yaml` file to enable the permission framework as shown: | ||
jmagak marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
jmagak marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| [source,yaml,subs=+quotes] | ||
| ---- | ||
| permission | ||
| enabled: true | ||
| rbac: | ||
| admin: | ||
| users: | ||
| - name: user:default/guest | ||
| pluginsWithPermission: | ||
| - catalog | ||
| - permission | ||
| - scaffolder | ||
| ---- | ||
|
|
||
| [NOTE] | ||
| ==== | ||
| The `pluginsWithPermission` section of the `app-config.yaml` section includes only three plugins by default. Update the section as needed to include any additional plugins that also incorporate permissions. | ||
| ==== | ||
|
|
||
| == Setting up the guest authentication provider | ||
jmagak marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| .Procedure | ||
|
|
||
| To enable guest authentication and to use it alongside the RBAC frontend plugin, complete the following step: | ||
|
|
||
| * In the `app-config.yaml` file, add the user entity reference to resolve and enable the `dangerouslyAllowOutsideDevelopment` option, as shown in the following example: | ||
|
|
||
jmagak marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| [source,yaml,subs="+attributes,+quotes"] | ||
| ---- | ||
| auth: | ||
| environment: development | ||
| providers: | ||
| guest: | ||
| userEntityRef: user:default/guest | ||
| dangerouslyAllowOutsideDevelopment: true | ||
| ---- | ||
|
|
||
| [NOTE] | ||
| ==== | ||
| You can use `user:default/guest` as the user entity reference to match the added user under the `permission.rbac.admin.users` section of the `app-config.yaml` file. | ||
| ==== | ||
|
|
||
|
|
||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.