Role-Based Access Control (RBAC)
Apica Ascent's RBAC implementation for data isolation provides a simple, yet powerful construct to manage user access to log data
Overview
Access to log data for users is managed by namespace controls. To learn more about what namespaces are in the Apica Ascent product, please refer to the section on namespaces here. Log data from a single namespace can contain multiple application logs. If a user has access to a namespace, the user can view logs for all applications in the namespace.
UI Controls
When a user has restricted access to select namespaces, the UI will show only the namespaces the user can access for Logs, Search, and Events. In the example below, the user has restricted access to only 2 namespaces; flash:advertise
and prod-k8s:kube-system
apicactl Controls
Apica Ascent's CLI provides a similar restriction when a user tries to access resources under Role-based access controls. In the example below, the same user can be seen to only access the same namespaces;flash:advertise
and prod-k8s:kube-system
Last updated