You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
:hover-text: Group-based access control extends RBAC by letting you assign permissions to OIDC groups so that users inherit access based on their identity provider group membership.
3
+
:hover-text: Group-based access control lets you assign permissions to OIDC groups so that users inherit access based on their identity provider group membership.
4
4
:category: Redpanda security
5
5
6
-
GBAC builds on xref:ROOT:manage:security/authorization/rbac.adoc[role-based access control (RBAC)] to simplify permission management at scale. Instead of assigning roles or ACLs to individual users, you assign them to OIDC groups managed by your identity provider. Users inherit permissions from all groups reported in their OIDC token claims.
6
+
GBAC allows you to manage permissions at the group level instead of per user. You can grant permissions to groups in two ways: create xref:ROOT:manage:security/authorization/acl.adoc[ACLs] with `Group:<name>` principals, or assign groups as members of xref:ROOT:manage:security/authorization/rbac.adoc[RBAC] roles. Both approaches can be used independently.
7
7
8
8
For more information, see xref:ROOT:manage:security/authorization/gbac.adoc[].
0 commit comments