Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Rubrik Security Cloud role management (RBAC) #169

Open
joeharlan opened this issue May 15, 2024 · 2 comments
Open

Add support for Rubrik Security Cloud role management (RBAC) #169

joeharlan opened this issue May 15, 2024 · 2 comments
Labels
enhancement New feature or request rsc Rubrik RSC (formerly known as Polaris)

Comments

@joeharlan
Copy link

Is your feature request related to a problem? Please describe.

Customers operating large-scale Rubrik deploiyments with distributed teams responsible for their own application environments in the cloud are asking for the ability to create/update/delete/assign RSC roles via Terraform. This feature would allow them to rapidly deploy protection and subsequently divide up responsibility for each line of business team's ongoing cyber resilience operations.

Describe the solution you'd like

Customers should be able to configure the full array of RBAC fine-grained permissions for the purpose of role creation/editing/deletion and assignments.

Describe alternatives you've considered

The only alternative at this time would be to automate using Rubrik SDK's where possible.

Additional context

No additional context at this time.
@johan3141592
Copy link
Member

Hi @joeharlan! Thank your for your feature request. We currently have some support in the TF provider for managing RSC user and roles.

Resources:

Data Sources:

Creating custom roles are unfortunately quite complicated. The easiest way to create a custom roles is to create it from a role template. Those, however, are bundled with RSC and cannot be created by customers.

Please have a look at what we have, and what you think that we are missing.

cc: @DamaniN

@johan3141592 johan3141592 added enhancement New feature or request rsc Rubrik RSC (formerly known as Polaris) labels Jun 13, 2024
@joeharlan
Copy link
Author

The main goal of this feature request is the creation and assignment of roles for distributed teams managing large cloud environments. We are being asked for ways to limit access and visibility for each team to only their own assets.

AWS: Provide a means to define a role that confines users to managing only one or more AWS Accounts. Granularity of permissions beyond simply Admin at this point may be a future requirement, but for now something as simple as this would suffice until we can define more specific requirements.

Azure: Similar to AWS, but for Subscriptions today and RG's once that granularity is made available in RSC.

GCP: Again, same here, only for Projects as the boundary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request rsc Rubrik RSC (formerly known as Polaris)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@johan3141592 @joeharlan