From 8db80b921ec83fce0d719f430bbdc77276a0e847 Mon Sep 17 00:00:00 2001 From: Debsmita Santra Date: Fri, 2 Feb 2024 14:57:32 +0530 Subject: [PATCH] fix(rbac): update the RBAC frontend plugin readme (#1155) --- plugins/rbac/README.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/plugins/rbac/README.md b/plugins/rbac/README.md index 74086d04f8..a9d3c0a32a 100644 --- a/plugins/rbac/README.md +++ b/plugins/rbac/README.md @@ -15,13 +15,13 @@ The sections below are relevant for static plugins. If the plugin is expected to #### Prerequisites -Follow the RBAC backend plugin [README](https://github.com/janus-idp/backstage-plugins/tree/main/plugins/rbac-backend) to integrate rbac in your Backstage instance +Follow the RBAC backend plugin [README](https://github.com/janus-idp/backstage-plugins/blob/main/plugins/rbac-backend/README.md) to integrate rbac in your Backstage instance. --- **NOTE** -To enable create role button on Administration -> RBAC roles list page, the role associated with your user should have the following permission policies associated with it. Add the following in your permission policies configuration file: +- For non-admin users, to enable create role button on Administration -> RBAC roles list page, the role associated with your user should have the following permission policies associated with it. Add the following in your permission policies configuration file: ```CSV p, role:default/team_a, catalog-entity, read, allow @@ -29,6 +29,20 @@ p, role:default/team_a, policy-entity, create, allow g, user:default/, role:default/team_a ``` +- To fetch the permissions from other plugins like `Kubernetes` and `Jenkins` in the Role Form as mentioned [here](https://github.com/janus-idp/backstage-plugins/blob/main/plugins/rbac-backend/docs/permissions.md), add the following configuration in your `app-config.yaml`: + +```yaml title="app-config.yaml" +permission: + enabled: true + rbac: + pluginsWithPermission: + - kubernetes + - jenkins + admin: + users: + - name: user:default/ +``` + --- #### Procedure