Infoblox RBAC / role-based access control

Infoblox uses campus Manifest and SAML for authorization. Authorization for services is based upon membership in a Manifest group, the contents of which are managed by you / your organization. It is your / your organization's responsibility to ensure the correct people are listed in these Manifest groups.

Network Services personnel will create the appropriate Infoblox group and/or roles during the onboarding process for your workgroup.

The following chart provides information regarding how Manifest groups can map to Infoblox roles and objects.

Important: Users need to be in ONE campus Manifest group ONLY for Infoblox access. The reason is that all groups are presented in a list to Infoblox during the SAML exchange, the ordering of that list is random, and Infoblox only processes the first group presented. For a user in more than one group, results will be very inconsistent across logins.

  • There is a 1:1 relationship between Manifest groups and Infoblox groups.
  • An Infoblox group can have one or many roles assigned.
  • An Infoblox role is applied to one or many objects.
  • Objects (e.g. networks, DNS zones) can have one or many roles with varying permissions levels, e.g. only A RRs, read-only, etc.
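
An added example, not part of the original page and not Infoblox or Manifest tooling: a Python check that flags users who belong to more than one Manifest group mapped to Infoblox and lists the role sets a login could resolve to, given that only the first group presented is processed. All group, role and user names are hypothetical and the membership data is constructed; how membership is exported from Manifest is assumed to be handled elsewhere.

```python
from collections import defaultdict

# Constructed sample data; every group, role and user name is hypothetical.
# Manifest group -> Infoblox group is 1:1, so one name stands for both.
GROUP_ROLES = {
    "example-dns-admins": {"dns-zone-rw"},
    "example-dns-readonly": {"dns-zone-ro"},
    "example-dhcp-lab": {"dhcp-range-rw", "dns-a-rr-only"},
}
MEMBERS = {
    "example-dns-admins": {"alice", "bob"},
    "example-dns-readonly": {"bob", "carol"},
    "example-dhcp-lab": {"bob", "carol", "dave"},
    "example-unrelated": {"alice"},  # no Infoblox mapping, ignored
}


def groups_by_user(members, group_roles):
    """Invert membership, keeping only groups that map to an Infoblox group."""
    result = defaultdict(set)
    for group, users in members.items():
        if group in group_roles:
            for user in users:
                result[user].add(group)
    return result


def audit(members, group_roles):
    """Return one finding per user who is in more than one mapped group."""
    findings = []
    for user, groups in sorted(groups_by_user(members, group_roles).items()):
        if len(groups) < 2:
            continue
        # Only the first group presented is processed, so each login
        # yields the roles of exactly one of these groups.
        outcomes = {g: sorted(group_roles[g]) for g in sorted(groups)}
        distinct = {tuple(roles) for roles in outcomes.values()}
        findings.append({
            "user": user,
            "possible_outcomes": outcomes,
            "roles_vary": len(distinct) > 1,
        })
    return findings


if __name__ == "__main__":
    for f in audit(MEMBERS, GROUP_ROLES):
        print(f["user"], f["possible_outcomes"], "roles vary:", f["roles_vary"])
```

A finding with `roles_vary` set means the user's effective permissions depend on which group happens to be presented first, so the fix is to reduce that user to a single group whose roles cover what they need.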

PDF of image below

Infoblox role-based access control diagram.



Keywords: RBAC permission manifest
Doc ID: 139063
Owned by: Tim C. in DDI
Created: 2024-08-12
Updated: 2025-05-05
Sites: DNS, DHCP, and IPAM