Role-Based Access Control
Access Control Service
Access Control Service (ACS) provides the capability to regulate access to various services by providing authorization and authentication to internal as well as external resources.
ACS provides policy access to manage users by providing authentication and authorization. ACS defines a role and assigns these roles to the users. This helps the Linux platform provide secure and safe access to various services.
Role-Based Access Control (RBAC)
Role-based access control (RBAC) is an approach to restrict a system access to authorized users. RBAC acts as an authorized system to manage resource access by assigning the required permissions and restrictions.
Scope for Roles
Roles are created and assigned to a member. Scope provides a limited boundary for the role to access their rights and permissions. You can create a role that are are specific for a particular boundary and are limited for a particular scope of actions.
Various scopes are available in the LFX platform. Some of the scopes are:
Project
Organization
Project and Organization
Community
Training
Events
Roles in Linux Foundation Platform
These sections provide various roles that are created for Linux Foundation platform. The various roles are listed below:
CLA Signatory
Community PM
Company Admin
Company Owner
Contact
Contributor
Donor
LF Events
LF Exec
LF Finance
LF Legal
LF Ops
LF PM
LF Training
Mentee
Mentor
Project Maintainer
Project Manager
User
CLA Signatory
CLA Signatory is a member belonging to an organization who has the signing authority for CCLA contracts.
Community PM
Company Admin
Company Admin is an individual member belonging to an organization who has been authenticated by the Owner with full control over projects, organization, and users.
Company Owner
Company Owner is an individual member belonging to an organization who has been authenticated with full control over projects, organization, and users. The owner also has control over ACS.
Contact
Contact is a member from an organization who is also a Linux Foundation customer.
Contributor
Contributor may be an individual member or a member belonging to any organization. Contributor is assigned and authenticated to update and work on their own projects.
Donor
Donor may be an individual member or a member belonging to any organization who donates to a project. Donor has access to the projects to which they are donating.
LF Events
LF Events is an internal employee of Linux Foundation who can create and manage events.
LF Exec
LF Exec is an internal employee of Linux Foundation who can manage sales operations.
LF Finance
LF Finance is an internal employee of Linux Foundation who can manage financial operations.
LF Legal
LF Legal is an internal employee of Linux Foundation who can manage legal operations.
LF Ops
LF Ops is an internal employee of Linux Foundation who can manage all administrative activities of the organization.
LF PM
LF PM is an internal employee of Linux Foundation who can manage multiple projects.
LF Training
LF Training is an internal employee of Linux Foundation who can manage the role of trainer and trains the members on various projects.
Mentee
Mentee may be an individual member or a member belonging to any organization who can enroll in a project as an apprentice or trainee. Mentees will get training and guidance on the project that can help the mentee to advance in their careers.
Mentor
Mentor may be an individual member or a member of any organization who contributes to various open source projects and helps to train and guide mentees on their apprentice programs.
Project Maintainer
Project Maintainer is an individual member who has been assigned administrative rights to control and manage activities related to mentorship programs and open source projects.
Project Manager
Project Manager is a member of an organization who has been authenticated to create and manage projects and users.
User
An authenticated individual who has been assigned predefined roles and permission by the administrator. A user can view all projects and organizations.
Last updated
Was this helpful?