About the plugin
The RBAC plugin is a no-code management UI for restricting access to plugins, routes, and data within Backstage. Admins can quickly define roles, assign users and groups, and configure permissions to encode authorization decisions according to your organization's evolving security and compliance needs.
Simplify access management
RBAC makes it easy for anyone, not just engineers, to efficiently manage access to resources and actions in Backstage. With its no-code interface, administrators can easily set up roles with members and permissions - including complex conditional permissions or those exported from private plugins.
Remain compliant and secure
The simpler it is to manage role-based access control, the better protected your data will be. RBAC allows administrators to quickly, flexibly, and easily create, publish, edit, or revert permission policies to stay up-to-date and compliant with your organization's security needs.
Role-Based Access Control (RBAC) features
Roles make permission decisions in the RBAC plugin. Each role includes a list of members and affiliated permissions. RBAC integrates with Backstage's catalog of users and groups to assign role membership.
Permissions can be matched to the role by specific permission name, permission properties, or globally. Permissions return policy decisions – either allow, deny or conditional.
The RBAC plugin has a condition builder that helps you compose rules corresponding to the permission.
The Policy Tester is a powerful feature to simulate your draft and published policies to determine the outcome for specific permissions and roles.
After you're done creating a policy, you can publish it. Backstage immediately uses the new policy to make authorization decisions.