This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Edge: Proxy access restriction by user/s

Posted on 08-15-2018 07:57 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi All,

I have a question in regards how Edge to works when you have multiple teams using a single Edge instance.

I am interested in how to load proxies in SaaS model, based on their group or permission, without having to load all the proxies used within the organisation. And example of this would be. If I have Proxies, A, B, C, D, and E. I only want to be able to load A and B to user User-1, and hide the rest C and D.

I assume this would be done fairly easily in a on Private Cloud solution, where you install a specific instance for a given group and so on, but this would require licence on all different server, and if you have limited budget might not be the optimal option.

Please let me know how to do this.

Thanks

Jared

0 3 205
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
sidd-harth
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi @Jared, I think we can make use of Custom Roles here. An admin can create custom roles & assign them to users. Maybe we can use the View option here. Please give it a try.

7315-view-proxies.jpg

Or do you mean, loading(showing) proxies on edge ui (api proxies page)?

I'm not sure if it can be done.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to sidd-harth
Reply posted on --/--/---- --:-- AM

Yes, I mean showing, proxies on edge page, so that A and B only will be able to see it.

I understand you can create custom roles & assigns, and assign it to user and based on a role user can perform certain actions e.g. tracing. What I mean is show proxies, based on who is logged-in ion api proxies page.

Thanks

0 Likes

Posted on --/--/---- --:-- AM
kurtkanaskie
Staff
Reply posted on --/--/---- --:-- AM

@Jared

You can do this with custom roles, and this is covered in our Coursera training - Course 1 Module 2 - RBAC.

The key to remember is that when a user is in a custom role (e.g. by project or business area), API proxies created by users in that role are only visible to other users in that role (except of course OrgAdmins which can see everything).

It's pretty easy to try it:

  1. Create a role for say Project1 and Project2.
  2. Then create and assign users to each of those roles (hint: create new users following the '+' pattern username+p1@gmail.com, username+p2.gmail.com to test).
  3. Log in as usrname+p1@gmail.com and create a few proxies.
  4. Log in as usrname+p2@gmail.com and create a few more proxies.

Observe what proxies each user can see.

Observe what each of the custom roles look like (you should see specific proxies in each role).

NOTE: this works for newly created proxies (and other artifacts) by users in that role. You can add other proxies that have been previously created, once you see how it works.

Hope that helps and let us know how you make out.