Roles and Policies
Cribl’s legacy Roles and Policies model provides role-based access control (RBAC) for on-prem Distributed deployments (Stream, Edge) at the Enterprise license tier.
In on-prem Single-instance deployments and Distributed deployments at other license tiers, all users have full administrative access. Cribl does not enforce RBAC for these deployments.
Cribl.Cloud does not support the legacy Roles and Policies model. On Cribl.Cloud, you must use the Permissions model. On-prem deployments at the Enterprise license tier support both the Permissions model and the legacy Roles and Policies model.
For on-prem deployments at the Enterprise license tier, the Roles and Policies model exists in parallel with the more flexible Permissions model. Cross-compatible Default Roles and Default Policies support customers who still choose to configure Local Users with Roles and Policies. Configured Local Users appear interchangeably on the Local Users page (for the Roles and Policies model) and on the Members and Teams page (for the Permissions model).
In the legacy Roles and Policies model, the Cribl RBAC mechanism is designed around the following concepts, which you manage in the UI:
Roles: Logical entities that are associated with one or more Policies. Use Roles to consistently apply Policies to multiple Cribl users.
Policies: Collections of access rights on objects. Policies are added to Roles, and Roles are assigned to users.
Local Users: User accounts that you manage directly in the Cribl deployment. You can map Roles to users in the same way that you map user groups to users in LDAP and other common access-control frameworks.
Users are independent objects that you can configure even without RBAC enabled. For details, see Local Users.
Roles can be integrated with external identity and access management (IAM) mechanisms, such as LDAP and OIDC, and mapped to their respective groups and tags.