RBAC for config templates and submissions

Overview

With role-based access control (RBAC), administrators can determine who can create, read, update, and delete templates and template submissions. This access control helps you securely manage your NGINX configurations and deployments.

Before You Begin

• Ensure the user is added as a basic authentication or OpenID Connect (OIDC) user in F5 NGINX Instance Manager.
• Familiarize yourself with the concepts of Roles and Permissions within Instance Manager as they are crucial for managing access.

Assign Roles for Templates and Template Submissions

To complete these steps, you need administrator access.

1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in.

2. Select Settings (gear icon) in the upper-right corner of the dashboard.

3. Select Users from the left menu to manage individual users or User Groups for managing access at a group level.

4. Define access to templates and template submissions:

   • To ensure proper management of NGINX configurations, create or edit roles to specify access to templates and template submissions. This may involve defining CRUD permissions specific to managing NGINX configurations.

   • Restricting access to templates is essential for controlling who can create and modify templates. This responsibility generally falls to administrators with a comprehensive understanding of NGINX configurations.

   • Restricting access to template submissions limits who can change submitted template inputs. This role could be assigned to application development teams, allowing them to deploy and manage their apps themselves.

5. Assign or modify roles:

   • For individual users, select a user from the list and click Edit User. For user groups, select a group and click Edit.
   • In the Roles list, select the roles you want to assign to the user or user group. Ensure that the roles include permissions for managing templates and/or template submissions.

6. After assigning roles and permissions, select Save to apply the changes.

Additional Templating Resources

Concepts

• Understand Config Templates: Learn about config template types, publication targets, and the template submission process.

• F5 Global Default Base Template: Learn about the F5 Global Default Base Template, including its key components and usage. Discover how augment templates can be used to segment portions of the base template.

• Augment Templates: Learn how augment templates can be combined with base templates to add specific features like OIDC authentication, or segment (compartmentalize) configuration elements like location and server blocks.

• Template Resource Files: Learn about template resource files, including config template files, JSON schemas, and auxiliary files.

• Dynamic Form JSON Schema: Learn how to use JSON schemas for template input and validation in the dynamic web form builder.

How-Tos

• Manage NGINX Configs with Config Templates: Create, import, and deploy NGINX configurations using config templates.

• Access Control for Templates and Template Submissions: Apply role-based access control (RBAC) settings to templates and template submissions.