Infoblox RBAC

Infoblox uses campus Manifest and SAML for authorization. The following chart shows how Manifest groups can map to Infoblox roles and objects.

Of note:

Users need to be in ONE campus Manifest group ONLY for Infoblox access. The reason is that all of a user's groups are presented to Infoblox during the SAML exchange, in random order, and Infoblox acts only on the first group presented. Results can be very inconsistent across user logins.

There is a 1:1 relationship between Manifest groups and Infoblox groups.

An Infoblox group can have one or many roles assigned.

An Infoblox role is applied to one or many objects.

Objects (e.g. networks, DNS zones) can have one or many roles with varying permission levels, e.g. only A RRs, read-only, etc.
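One way to audit the one-group-only rule described above is to inspect the group attribute of a user's SAML assertion and flag any login that presents more than one group. This is an added example, not Infoblox or campus code; the attribute name `groups`, the group names and the `MANIFEST_TO_INFOBLOX` table are hypothetical placeholders, and the assertions are constructed samples.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
GROUP_ATTRIBUTE = "groups"  # assumption: attribute name the IdP uses for groups
# Assumption: hypothetical Manifest group -> Infoblox group names (1:1 mapping).
MANIFEST_TO_INFOBLOX = {
    "example-ddi-admins": "example-ddi-admins",
    "example-dept-dns-ro": "example-dept-dns-ro",
}

def make_assertion(groups):
    """Build a constructed AttributeStatement carrying the given groups."""
    values = "".join(f"<saml:AttributeValue>{g}</saml:AttributeValue>" for g in groups)
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:AttributeStatement>'
            f'<saml:Attribute Name="{GROUP_ATTRIBUTE}">{values}</saml:Attribute>'
            "</saml:AttributeStatement></saml:Assertion>")

def presented_groups(assertion_xml):
    """Return group values in the order the assertion presents them."""
    root = ET.fromstring(assertion_xml)  # trusted, constructed input only
    xpath = f".//saml:Attribute[@Name='{GROUP_ATTRIBUTE}']/saml:AttributeValue"
    return [v.text.strip() for v in root.iterfind(xpath, NS) if v.text and v.text.strip()]

def audit_login(assertion_xml):
    """Classify one login against the one-group-only rule."""
    groups = presented_groups(assertion_xml)
    distinct = sorted(set(groups))
    if not distinct:
        status = "no-group"
    elif len(distinct) > 1:
        status = "ambiguous"      # first-presented group varies between logins
    elif distinct[0] not in MANIFEST_TO_INFOBLOX:
        status = "unmapped"       # single group, but no Infoblox counterpart
    else:
        status = "ok"
    return {"status": status, "first_presented": groups[0] if groups else None,
            "presented": distinct}

if __name__ == "__main__":
    # Constructed logins: one clean, one violating the one-group rule.
    for label, groups in [("alice", ["example-ddi-admins"]),
                          ("bob", ["example-dept-dns-ro", "example-ddi-admins"])]:
        print(label, audit_login(make_assertion(groups)))
```

A login reported as `ambiguous` is the case the note above warns about: the group Infoblox acts on depends on which one happens to be presented first.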

PDF of image below

Infoblox role-based access control diagram.



Keywords: RBAC permission manifest
Doc ID: 139063
Owned by: Tim C. in DDI
Created: 2024-08-12
Updated: 2024-08-12
Sites: DNS, DHCP, and IPAM