Role-Based Access Control is only available in the Mender Enterprise plan. See the Mender features page for an overview of all Mender plans and features.
Role-Based Access Control (RBAC) significantly reduces the risk of accidental and unauthorized actions. Admin Users of the Mender server can assign to the other Users Roles with limited access based on the User's responsibilities and required tasks. Role assignments reduce the risk of accidents, such as deploying beta software to production devices. It also reduces the security impact of any compromised Mender server User accounts (e.g., in the case of a stolen password).
A Role is a named set of permissions you can assign to Users.
You can manage Roles in the "Roles" view in the Mender settings for your tenant:
Mender's RBAC system supports five built-in Roles:
Admin: Full access.
Read Access: Intended for team leaders or limited tech support accounts; this Role can see all Devices, Artifacts and Deployment reports but cannot make any changes.
Release Manager: Intended for automation accounts building software (e.g., CI/CD systems), this Role can only manage Artifacts, including uploading new Artifacts and deleting existing Artifacts. It does not have access to Devices or Deployments.
Deployments Manager: Intended for Users responsible for managing deployments, this Role can create and abort deployments for all the devices.
Troubleshooting: Access to the troubleshooting features for all the devices: Remote Terminal, File Transfer, Port Forwarding.
You can create new Roles based on your specific needs and workflows. When creating or editing custom Roles, you can specify the Role's name, description and a set of permissions to grant to the Users bound to the Role.
Some of the permissions apply at the tenant level:
User Management: these permissions should be granted carefully, as they allow privilege increases for any Users managed by a User with User management permissions.
System audit log: these permissions allow tracing changes to devices, releases and User accounts, as well as providing information about deployments.
Releases: these permissions can be granted to allow artifact and release modifications, as well as the creation of new releases.
The device-specific permissions can apply to either all the devices or selected static groups of devices:
Please note that the Connect permission gives users access to the Remote Terminal, File Transfer, and Port-forwarding features. Through these, it is possible to alter the devices locally, for example, changing the Mender Client configuration. Therefore, you can consider it a form of write access to the devices.
When creating a new User, or editing an existing User, you can assign one or more Roles to him by selecting them from the Roles dropdown:
The permissions granted to a User are the union of all his Roles' set of permissions.
© 2023 Northern.tech AS