Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) is a security method that restricts resources access to authorized users based on their assigned roles. In Uyuni, RBAC ensures that users can only perform actions and access resources for which they have explicit authorization, enhancing security and simplifying administration.

The core principles of RBAC include:

  • Principle of Least Privilege: Granting only the necessary access rights for users to perform their tasks.

  • Granular Control: Providing fine-grained control over specific functionalities.

  • Separation of Duties: Preventing a single user from having too much control over critical processes.

  • Auditability: Allowing for clear tracking of user actions and permissions.

1. Key RBAC Concepts

Understanding the following core concepts is crucial for effective RBAC management:

  • Role: A collection of permissions defining a specific set of capabilities within Uyuni. Roles are assigned to users, granting the user aggregated permissions.

  • Permission: An atomic authorization to perform a specific action, access a specific web page or call a specific API endpoint within Uyuni. In Uyuni, permissions are represented by namespaces and their access modes.

  • User: An individual account that interacts with Uyuni. Users are assigned one or more roles.

  • Namespace: A granular unit of access control organized in a tree-like structure. Most namespaces have distinct "View" or "Modify" modes.

2. User Roles in Uyuni

Uyuni provides predefined roles and allows for the definition of additional custom roles, optionally inheriting from a combination of other roles.

2.1. Predefined Roles

Refer to administration:users.adoc#administrator-roles for a complete list of predefined roles and their descriptions.

2.2. Defining Additional Roles

To define additional roles, you can:

  • Select a number of existing roles to inherit permissions from.

  • Specify additional namespaces to grant access to.

3. Namespaces for Fine-Grained Access

Namespaces provide fine-grained access control, organized in a tree-like structure. For most namespaces, access within a namespace is further granularized by "View" and "Modify" modes.

Table 1. Example: Image Management namespaces and access modes
Namespace Access Mode Description

cm.build

Modify

Build container or Kiwi images

cm.image.import

Modify

Import container images from a registered image store

cm.image.list

View

List all images

cm.image.list

Modify

Delete images

cm.image.overview

View

View image details, patches, packages, build log and cluster information

cm.image.overview

Modify

Inspect, rebuild, delete images

cm.profile.details

View

View details of an image profile

cm.profile.details

Modify

Create image profiles, edit profile details

cm.profile.list

View

List all image profiles

cm.profile.list

Modify

Delete image profiles

cm.store.details

View

View details of an image store

cm.store.details

Modify

Create image stores, edit store details

cm.store.list

View

List all image stores

cm.store.list

Modify

Delete image stores

A comprehensive list of namespaces and their descriptions can be retrieved by making a call to the access.listNamespaces API method. Refer to Uyuni API documentation for detailed information, including request and response formats.

4. Managing RBAC

Managing RBAC roles and permissions is currently only possible through the API. To assign roles to users via the web UI, refer to Users.

4.1. Managing RBAC via API

The Uyuni API provides methods for programmaticaly managing roles, permissions and user assignments.

4.1.1. The access API

These API methods manage roles and their associated access:

  • listNamespaces: Lists available namespaces, access modes and their descriptions in Uyuni.

  • listPermissions: Lists permitted namespaces of a role.

  • listRoles: Lists existing roles in Uyuni.

  • createRole: Creates a new role, optionally copying permissions from existing roles.

  • deleteRole: Deletes a role.

  • grantAccess: Grants access to namespaces.

  • revokeAccess: Revokes access to namespaces.

4.1.2. The user API

These API methods manage user-role assignments:

  • listPermissions: Lists effective permissions of a user.

  • listRoles: Lists a user’s assigned roles.

  • addRole: Assigns a role to a user.

  • removeRole: Removes a role from a user.

For detailed API documentation, including request and response formats, refer to Uyuni API reference.

5. RBAC Best Practices

Adhering to these best practices will help maintain a secure, efficient, and manageable RBAC environment:

  • Principle of least privilege: Always grant users the minimum permissions necessary to perform their duties. Avoid overly broad permissions.

  • Regular review: Periodically review assigned roles and permissions for users to ensure they are still appropriate and comply with current security policies.

  • Document roles: Clearly document the purpose and permissions of each custom role you create.

  • Separate duties: Implement roles that enforce separation of duties to prevent a single user from having too much control over critical processes.