Scenario Description

In modern enterprises, custom role management within system functionality is crucial. Companies typically have different departments and teams, each with varying functional and permission requirements. JumpServer also supports built-in role-based access control (RBAC), and through custom roles, organizations can flexibly manage user access permissions, avoiding security risks that may arise from excessive permission allocation or overly restrictive limitations. Additionally, this flexibility enhances employees' autonomy and efficiency at work, enabling them to access necessary resources and tools more quickly.

Operation Instructions

Here we will demonstrate how to create a role that allows viewing Assets, which can be assigned to regular users.

Creating a system role

In the JumpServer Console page, we enter the <Roles> module and click <Create> System role, naming the role <View Assets role>.

Role permissions

On the <Roles> page, click the name <View Assets role> to enter the role permissions page. We first select the view permission, <View console view>, and then select <Assets>.

Note: View permissions need to be manually selected, such as View console view and View audit view.

Role Binding

We create a test user, <Test_user_1018>, in the <Users> module and select the <View Assets role> for the <System roles> field.

Function Verification

After logging in with the test user <Test_user_1018>, you can see that this user's permissions are limited to <Assets> only.