unSkript Documentation
Free SandboxBlogGitHubSlack Community
  • What is unSkript?
  • Guides
    • Contribute to Open Source
    • Getting started
      • Sign Up/Install
      • Authentication
        • Okta configuration
          • Okta Groups Sync
      • Create a Proxy
      • Add Credentials to Connect your Resources
      • Key Terms
  • RunBooks
    • Prebuilt xRunBooks
      • xRunBooks for CloudOps
      • xRunBooks for Cost Optimization
      • xRunBooks for DevOps
      • xRunBooks for IAM
      • xRunBooks for SecOps
      • xRunBooks for SRE
      • xRunBooks for Troubleshooting
    • Creating RunBooks
      • Importing unSkript xRunBooks
      • Create a xRunBook
      • Add an Action
      • Connecting Actions
      • Create a RunBook Input Parameter
      • Create a Credential
      • Writing Notes
      • Running XRunBooks
        • Running RunBooks with Approvals
      • Schedules
      • xRunBook Executions
      • Alarms
        • Create an Alarm Webhook
          • Webhooks for onprem installations
        • Create a Grafana Alert
        • Attaching runbooks to alarms
      • Folders
      • RunBook Outputs
  • Actions
    • What is an Action?
    • Create Custom Actions
    • Create Actions with AI
    • Actions
      • Action Configuration
        • Configure Action Inputs
        • Add Action Inputs
        • Action Output
        • Action Iterator
          • Using Iterators
        • Action Poll
        • Action Start Condition
      • Anatomy of an Action
    • Prebuilt Actions
  • Healthchecks
    • What is a HealthCheck?
    • Create a HealthCheck
      • Create a HealthCheck Folder
      • Adding Checks
    • HealthCheck Parameters
    • Running HealthChecks
    • HealthCheck Remediation
  • Workflows
    • What is a Workflow?
  • Connnecting
    • Connectors
      • Airflow
        • Airflow Actions
      • AWS
        • AWS Actions
          • AWS Cloudwatch Actions
          • AWS EC2 Actions
          • AWS ECS Actions
          • AWS EKS Actions
          • AWS ELB Actions
          • AWS IAM Actions
          • AWS Postgres Actions
          • AWS RDS Actions
          • AWS RedShift Actions
          • AWS S3 Actions
          • AWS VPC Actions
      • Azure
        • Azure Actions
      • ChatGPT
        • ChatGPT Actions
      • Datadog
        • Configuring webhook in Datadog
        • Datadog Actions
          • Datadog Alert Actions
          • Datadog Metrics Actions
          • Datadog Monitor Actions
      • Elasticsearch
        • Elasticsearch Actions
      • GCP
        • GCP Actions
          • GCP Bucket Actions
          • GCP GKE Actions
          • GCP IAM Actions
          • GCP VM Actions
      • Github
        • Github Actions
      • Grafana
        • Grafana Actions
      • Hadoop
        • Hadoop Actions
      • Jenkins
        • Jenkins Actions
      • Jira
        • Jira Actions
      • Kafka
        • Kafka Actions
      • Kubernetes
        • K8s Actions
      • MongoDB
        • MongoDB Actions
      • MS SQL
        • MSSQL Actions
      • MySQL
        • MySQL Actions
      • Netbox
        • Netbox Actions
      • Nomad
        • Nomad Actions
      • OpenSearch
        • opensearch Actions
      • Pingdom
        • Pingdom Actions
      • Postgres
        • Postgres Actions
      • Prometheus
        • Prometheus Actions
      • Redis
        • Redis Actions
      • REST
        • REST Actions
      • SalesForce
        • SalesForce Actions
      • Slack
        • Slack Actions
      • Snowflake
        • Snowflake Actions
      • Splunk
        • Splunk Actions
      • SSH
        • SSH Actions
      • Stripe
        • Stripe Actions
      • Terraform
        • Terraform Actions
      • Zabbix
    • Proxies
      • Environment
        • RunBooks Across Environments: ServiceIDs
      • unSkript Proxy
      • AWS Proxy
      • GCP Proxy
    • Secret store
      • Vault
  • Tooling
    • Role Based Access Control
      • RBAC Roles
    • API reference
      • Authentication
      • Endpoints
        • Executions
        • RunBooks
        • Schedules
    • Command Line Tool
    • Notifications
  • Fundamentals
    • Jupyter Notebook 101
  • Use Cases
    • DevOps
    • SRE
  • Open source
    • Runbooks.sh
    • Contribute to Open Source
  • Lists
    • AWS Service Quota list
Powered by GitBook
On this page
  • Users
  • User Groups

Was this helpful?

  1. Tooling

Role Based Access Control

Simple access controls give your team access with just the right permission level

PreviousVaultNextRBAC Roles

Last updated 2 years ago

Was this helpful?

Role-based access control (RBAC) is a method of regulating access to your RunBooks and connections based on the roles of individual users within your organization.

This enables granularity and security for the workflows which restricts user movement across the platform.

RBAC controls are only available in the Sandbox and Cloud versions of unSkript.

Our RBAC solution is built by adding Users to Groups, and then adding access and permissions to the group. Groups have different access levels to directories in your unSkript RunBook collection.

Users

In the unSkript dashboard, click "More" -> "User Management" from the top navigation. A page will load listing all of the Users in your instance of unSkript, along with their e-mail address and the Groups they are a member of.

You can invite new users from this page with the "+Invite User" button.

User Groups

Access to workflows and executions are provided through the use of User Groups. From the "User Management" page, click the "User Groups" tab to list all of the user groups in your instance.

Create a Group

Click the Add Group button. In Step 1, you name the Group.

In Step 2, you add users to the Group. You can always add/remove users later in the Group settings.

Adding Access

  1. Select the User Group you wish to grant credentials.

  2. Click the + Add Privileges button under the Access Control tab inside the User Group.

  1. Add the Folders which this User Group can access based on their privileges. Any RunBook in these folders will be visible at the access level given.

  1. You can view/edit all the users under the User tab. You can view (and remove) the User Groups to which they belong.

  1. To directly add a user to an existing User Group, click on the Invite User button under Users tab.

Next, we will add to the group. Access roles are based on the level of access for a directory of RunBooks. If you wish to limit access to a subset of RunBooks, place them in a unique directory. We can then limit access to this directory to different groups of users.

Select the roles based on requirements from the .

access roles
available list of roles