RBAC Overview

Role-Based Access Control (RBAC) is a runtime database that consists of roles and rules that are mapped to users. RBAC lets you secure the management of your network infrastructure by defining roles for each network administrator according to their specific function. Resource access permissions ensure that the network administrator of one department cannot modify the configuration of another department. Feature access permissions allow you to create roles based on the function of the user.

Every user is mapped to a role in the RBAC database and every role has one or more rules. RBAC supports 64 roles and you can configure a maximum of 1000 rules per role.

This figure shows the mapping of users, roles, and rules. In this example, User 3 and User 8 share the same role, Role 3. In turn, Role 3 points to the various rules it was configured to support.

RBAC role and rule mapping
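The user-to-role-to-rule mapping described above can be modelled as follows. This is an added example, not code from the product: the rule fields (feature, resource, access), the role, user and department names, and the exact-match, default-deny evaluation are assumptions. Only the 64-role and 1000-rules-per-role limits come from the page.

```python
from dataclasses import dataclass

MAX_ROLES = 64             # limit stated on the page
MAX_RULES_PER_ROLE = 1000  # limit stated on the page

@dataclass(frozen=True)
class Rule:
    feature: str   # assumed field, e.g. "vlan" (the page defines no rule fields)
    resource: str  # assumed field, e.g. "dept-a"
    access: str    # assumed field, "read" or "write"

class RbacDb:
    def __init__(self):
        self.roles = {}  # role name -> list of Rule
        self.users = {}  # user name -> role name (one role per user)

    def add_role(self, role):
        if role not in self.roles and len(self.roles) >= MAX_ROLES:
            raise ValueError("role limit reached")
        self.roles.setdefault(role, [])

    def add_rule(self, role, rule):
        rules = self.roles[role]  # KeyError if the role is undefined
        if len(rules) >= MAX_RULES_PER_ROLE:
            raise ValueError("rule limit reached for " + role)
        rules.append(rule)

    def map_user(self, user, role):
        if role not in self.roles:
            raise KeyError(role)
        self.users[user] = role

    def is_allowed(self, user, feature, resource, access):
        # Default deny: unknown users and unmatched requests are refused.
        wanted = Rule(feature, resource, access)
        return wanted in self.roles.get(self.users.get(user), [])

    def who_can(self, feature, resource, access):
        return sorted(u for u in self.users if self.is_allowed(u, feature, resource, access))

def build_sample():
    # Constructed data mirroring the figure: User 3 and User 8 share Role 3.
    db = RbacDb()
    for role, res in (("role3", "dept-a"), ("role5", "dept-b")):
        db.add_role(role)
        db.add_rule(role, Rule("vlan", res, "write"))
    for user, role in (("user3", "role3"), ("user8", "role3"), ("user5", "role5")):
        db.map_user(user, role)
    return db
```

Calling `who_can` for a given feature, resource and access level lists every user who inherits that permission through a shared role, which is useful when reviewing effective access.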