RBAC - Limit Users to Just Poweron and Poweroff IPMI Controls
This article describes how to create a limited role with claims (rights) to only poweron and poweroff Machines. This example can be used as the foundating to understand how to add additional Roles with different Claims capabilities.
The Role Base Access and Controls subsystem allows an operator to
construct user account permissions to limit the scope that a user can
impact the Digital Rebar Provision system. Below is an example of how to
create a Claim that assigns the
prod-role that limits
to only allow IPMI
poweroff actions. These permissions
are applied to the specific set of scope Machines:
Now simply assign this Role to the given users you wish to limit their permissions on.
Additional resources and information related to this Knowledge Base article.
poweron, poweroff, limited scope user, claims, roles, rbac, role based authentication controls