How to manage IP Permissions based on Parent Prefix Values #8099
Unanswered
IdRatherStand
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
We've been using Netbox for some time now and have the need to bring in some additional users with a different permission set. These users should have access to Prefixes, Devices, IP's (will get to this shortly) all marked with a certain custom attribute (that defines the network (A or B) they belong to.
The reason we are using custom attributes to mark these networks as opposed to VRF's is that the IP space should still be treated as global, e.g Network A must not have a prefix belonging to Network B. We're not using Tenants either, as these same networks often exist on the same equipment.
Sorting permissions for devices and prefixes is easy, as we ask our core team to tag these with the custom attribute - however we are currently not tagging the IP's themselves with this same custom attribute. This is partly due to the admin overhead however mainly the fact that an IP for Network A cannot exist under a Prefix marked as Network B (by definition).
I did comment in #7845 which would potentially create a relationship between IP and Prefix that would allow a constraint to be applied however it sounds like there may be another
net_*constraint that can be applied to IP addresses that I'm missing? Is there some further documentation on this or an example that I can get stuck into?Beta Was this translation helpful? Give feedback.
All reactions