IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-01-21 22:13:38 -06:00
Code Issues Packages Projects Releases Wiki Activity

Docs: Update whats-new-next with RBAC permission validation (#76470)

Browse Source 
* Update whats-new-next with RBAC permission validation

* run prettier

* Fixed version syntax

* Update docs/sources/whatsnew/whats-new-next/index.md

Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>

* update docs

* update

* fix merge

---------

Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
This commit is contained in:
Misi 2023-10-13 17:27:16 +02:00 committed by GitHub
parent f2ad66620f
commit 3dbda43d44
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
docs/sources/whatsnew/whats-new-next/index.md
View File

@ -159,3 +159,16 @@ _Available in private preview in Grafana Cloud_
The Grafana Assume Role authentication provider lets Grafana Cloud users of the CloudWatch data source authenticate with AWS without having to create and maintain long term AWS Users. Using the new assume role authentication method, you no longer have to rotate access and secret keys in your CloudWatch data source. Instead, Grafana Cloud users can create an identity access and management (IAM) role that has a trust relationship with Grafana's AWS account; Grafana's AWS account will then use AWS Secure Token Service (STS) to create temporary credentials to access the user's AWS data.
To learn more, refer to the [CloudWatch authentication documentation](/docs/grafana/next/datasources/aws-cloudwatch/aws-authentication).
## Permission validation on custom role creation and update
<!-- Mihaly Gyongyosi -->
<!-- Cloud -->
<!-- already in on-prem -->
August 25, 2023
_Generally available in Grafana Cloud_
With the current release, we enabled RBAC permission validation (`rbac.permission_validation_enabled` setting) by default. This means that the permissions provided in the request during custom role creation or update are validated against the list of [available permissions and their scopes](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/roles-and-permissions/access-control/custom-role-actions-scopes/#action-definitions). If the request contains a permission that is not available or the scope of the permission is not valid, the request is rejected with an error message.