Roles and Permissions
Permissions are a key security control. In order to protect sensitive information and maintain the integrity of systems, permissions play a fundamental role. By defining what actions or operations a user or process can perform, permissions help to enforce access control and ensure that only authorized individuals have the ability to perform certain tasks. These permissions act as a safeguard, preventing unauthorized access or misuse of resources.
In Kubeark, permission types grant users access to different sections of the app and define key allowed actions for the users, such as read, create, update or delete items on the specific section. A role is identified as group of permissions that are grouped under one name. All the roles can be customised.
During the installation process of the Kubeark platform, an administrative role with all permissions is created by default. This allows for an initial level of access control to be established for the administrator, who can then proceed to create custom roles with varying levels of permissions. The custom roles can be tailored to the needs of specific user groups, departments, or projects, enabling a flexible and granular approach to access control.
All sections of the web application are structured with the standard Create, Read, Update, and Delete (CRUD) permissions. This allows for precise control over the level of access that each role has to the different sections and features of the web application. The administrator can then assign specific roles to individual users or groups of users, ensuring that only authorized users have access to sensitive data and functionality.
Additionally, the Kubeark Platform provides advanced auditing capabilities that allow you to track and record actions performed by users and to gain a better understanding of user activity. This can help you to detect any malicious or accidental actions, as well as to identify any areas where additional controls are required.
Overall, the Kubeark Platform's role-based access control system allows you to establish a secure and compliant environment, while also providing the flexibility and granularity that you need to manage access control for a diverse set of users.
The is created during the Kubeark installation process and is the most powerful Account, being authorised to execute all the possible actions in the Kubeark platform.
The is a basic permission level needed in order to access the Kubeark Platform. This role can be created, updated, or deleted based on the RBAC Matrix defined by the global_admin, admin, or user.
Below you will find a list of all possible permissions:
Asset | Permissions |
---|---|
Users |
|
Roles |
|
Cluster |
|
Config |
|
Deployment |
|
License |
|
Monitoring |
|
Billing |
|
Alerts |
|
Logs |
|
Webhooks |
|