IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-01-23 23:13:52 -06:00
Code Issues Packages Projects Releases Wiki Activity

Docs: added note to RBAC doc from support escalation (#85311)

Browse Source 
* added admonition and API info

* Update docs/sources/administration/roles-and-permissions/access-control/_index.md

---------

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
This commit is contained in:
Larissa Wandzura 2024-05-06 02:27:46 -05:00 committed by GitHub
parent 9236c5a5cf
commit 57038e8dfa
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/sources/administration/roles-and-permissions/access-control/_index.md
View File

@ -28,7 +28,7 @@ RBAC provides a standardized way of granting, changing, and revoking access when
## About RBAC
Role-based access control (RBAC) provides a standardized way of granting, changing, and revoking access so that users can view and modify Grafana resources, such as users and reports.
RBAC extends Grafana basic roles that are included in Grafana OSS, and enables you more granular control of users actions.
RBAC extends Grafana basic roles that are included in Grafana OSS, and enables more granular control of users actions.
By using RBAC you can provide users with permissions that extend the permissions available with basic roles. For example, you can use RBAC to:
@ -43,6 +43,8 @@ RBAC roles contain multiple permissions, each of which has an action and a scope
- **Action:** `datasources:read`
- **Scope:** `datasources:*`
For information on the RBAC API refer to [RBAC API](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/developers/http_api/access_control/#rbac-api).
### Basic roles
Basic roles are the standard roles that are available in Grafana OSS. If you have purchased a Grafana Enterprise license, you can still use basic roles.
@ -78,6 +80,10 @@ For example, if you modify Viewer basic role and grant additional permission, Ed
For more information about the permissions associated with each basic role, refer to [Basic role definitions]({{< relref "./rbac-fixed-basic-role-definitions/#basic-role-assignments" >}}).
To interact with the API and view or modify basic roles permissions, refer to [the table]({{< relref "./manage-rbac-roles/#basic-role-uid-mapping" >}}) that maps basic role names to the associated UID.
{{% admonition type="note" %}}
You cannot use a service account to modify basic roles via the RBAC API. To update basic roles, you must be a Grafana administrator and use basic authentication with the request.
{{% /admonition %}}
### Fixed roles
Grafana Enterprise includes the ability for you to assign discrete fixed roles to users, teams, and service accounts. This gives you fine-grained control over user permissions than you would have with basic roles alone. These roles are called "fixed" because you cannot change or delete fixed roles. You can also create _custom_ roles of your own; see more information in the [custom roles section]({{< relref "#custom-roles" >}}) below.