RBAC for API/service/route visibility within a workspace and dev portal


#1

I just went through [1] and now I have an idea about how to use RBAC to separate out teams.

Now I have 2 questions.

  1. Is there a way to use RBAC to restrict visibility of services, routes etc. within a workspace?

  2. Is there a way to use RBAC to restrict visibility of services, routes etc. within a dev portal?

[1] https://docs.konghq.com/enterprise/0.33-x/rbac/examples/

Thanks.


#2

Hi, this forum is primarily for the Kong Community edition. For Kong Enterprise questions, you will get faster (this forum is not covered by any SLAs) and more customized responses if you contact your sales / customer success representative.

Yes. RBAC can be applied to a finer granularity than workspaces. The endpoint parameter applies to the urls, so you could create permissions for /services/foo, for example. With entity RBAC, you can even apply rules per entitty itself, so yes.

Currently there’s not a way to apply RBAC in a dev portal. It’s in the roadmap and it’s being worked on, but not released yet.