Hello,
Is there a way to allow users read only access to a Unimus instance while also allowing CLI access and ability to read configs? We do not want them to be able to read or change credentials -- especially within NMS sync.
Allow users read only access + ability to use CLI and read configs
Hi,
currently, it's not possible to further customize our existing roles, so the options they can and cannot manage in Unimus are hard-coded."
That said, we do plan to introduce support for custom roles in the future, allowing users to create a custom role and define exactly which views are accessible and which functionalities can be used in Unimus by such a role. However, implementing such a comprehensive change requires significant time and preparation, and unfortunately, it doesn’t align with our current road-map for this year (2025).
Another planned improvement that could address at least the second part of your request is the extension of Object Access Policies to Credentials. This would allow you to hide specific or even all credentials for particular users. That said, it wouldn't resolve the issue of enabling CLI usage for “Read-only” users. While this feature is also not part of our road-map for this year, it would require considerably less effort to implement compared to the role system rework.
I’ll link your post to our backlog tickets related to both of the previously mentioned topics, and I’ll let you know if there are any updates on either of them.
currently, it's not possible to further customize our existing roles, so the options they can and cannot manage in Unimus are hard-coded."
That said, we do plan to introduce support for custom roles in the future, allowing users to create a custom role and define exactly which views are accessible and which functionalities can be used in Unimus by such a role. However, implementing such a comprehensive change requires significant time and preparation, and unfortunately, it doesn’t align with our current road-map for this year (2025).
Another planned improvement that could address at least the second part of your request is the extension of Object Access Policies to Credentials. This would allow you to hide specific or even all credentials for particular users. That said, it wouldn't resolve the issue of enabling CLI usage for “Read-only” users. While this feature is also not part of our road-map for this year, it would require considerably less effort to implement compared to the role system rework.
I’ll link your post to our backlog tickets related to both of the previously mentioned topics, and I’ll let you know if there are any updates on either of them.