IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

RBAC: Extend the docs with an example of mapping to a fixed role (#79444)

Browse Source 
extend the docs with an exmaple of mapping to a fixed role
This commit is contained in:
Ieva 2023-12-14 12:28:02 +02:00 committed by GitHub
parent a1ec5be730
commit 5192150191
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth/index.md
View File

@ -276,6 +276,17 @@ role_attribute_path = contains(info.roles[*], 'admin') && 'GrafanaAdmin' || cont
allow_assign_grafana_admin = true
```
#### Map one role to all users
In this example, all users will be assigned `Viewer` role regardless of the user information received from the identity provider.
Config:
```ini
role_attribute_path = "'Viewer'"
skip_org_role_sync = false
```
## Configure team synchronization
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud](/docs/grafana-cloud/).

9
docs/sources/setup-grafana/configure-security/configure-authentication/github/index.md
View File

@ -130,6 +130,15 @@ All other users are granted the `Viewer` role.
role_attribute_path = [login=='octocat'][0] && 'GrafanaAdmin' || 'Viewer'
```
#### Map one role to all users
In this example, all users will be assigned `Viewer` role regardless of the user information received from the identity provider.
```ini
role_attribute_path = "'Viewer'"
skip_org_role_sync = false
```
## Configure team synchronization
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud](/docs/grafana-cloud/).

9
docs/sources/setup-grafana/configure-security/configure-authentication/gitlab/index.md
View File

@ -166,6 +166,15 @@ All other users are granted the `Viewer` role.
role_attribute_path = email=='admin@company.com' && 'GrafanaAdmin' || 'Viewer'
```
#### Map one role to all users
In this example, all users will be assigned `Viewer` role regardless of the user information received from the identity provider.
```ini
role_attribute_path = "'Viewer'"
skip_org_role_sync = false
```
## Configure team synchronization
> **Note:** Available in [Grafana Enterprise]({{< relref "../../../../introduction/grafana-enterprise" >}}) and [Grafana Cloud](/docs/grafana-cloud/).

9
docs/sources/setup-grafana/configure-security/configure-authentication/google/index.md
View File

@ -187,3 +187,12 @@ allow_assign_grafana_admin = true
skip_org_role_sync = false
role_attribute_path = email=='admin@company.com' && 'GrafanaAdmin' || 'Viewer'
```
#### Map one role to all users
In this example, all users will be assigned `Viewer` role regardless of the user information received from the identity provider.
```ini
role_attribute_path = "'Viewer'"
skip_org_role_sync = false
```