User Groups
less than a minute
UDS Core deploys Keycloak which has some preconfigured groups that applications inherit from SSO and IDP configurations.
Applications
Grafana
Grafana maps the groups from Keycloak to it’s internal Admin and Viewer groups.
| Keycloak Group | Mapped Grafana Group |
|---|---|
Admin | Admin |
Auditor | Viewer |
If a user doesn’t belong to either of these Keycloak groups the user will be unauthorized when accessing Grafana.
Neuvector
Neuvector maps the groups from Keycloak to it’s internal admin and reader groups.
| Keycloak Group | Mapped Neuvector Group |
|---|---|
Admin | admin |
Auditor | reader |
Keycloak
Note
All groups are under the Uds Core parent group. Frequently a group will be referred to as Uds Core/Admin or Uds Core/Auditor. In the Keycloak UI this requires an additional click to get down to the sub groups.
Identity Providers ( IDP )
UDS Core ships with a templated Google SAML IDP, more documentation to configure the realmInitEnv values in uds-identity-config.
Alternatively, the realmInitEnv can be configured via bundle overrides like in the k3d-standard-bundle.
Configuring your own IDP can be achieved via:
Custom uds-identity-config with a templated realm.json
Keycloak Admin UI and click ops
Custom realm.json for direct import in Keycloak
Feedback
Was this page helpful?