Roles

You can log in to the engine console and create, edit, delete, and view roles of a Nacos engine based on service requirements. Permission control by namespace or finer granularity is supported.

If the Nacos engine is upgraded from an earlier version to 2.1.0.1, the system has the built-in role ROLE_ADMIN by default. The role cannot be deleted.

Creating a Role

Log in to CSE.
In the left navigation pane, choose Registry/Configuration Center.
Click the target Nacos engine.
Choose Permission Control.
On the Roles tab page, click Create Role.
Enter a role name.

The role name cannot be changed once the role is created.
Set Associated user. Select the user created in Creating an Account from the drop-down list.
Add permission configurations.
Click Add Permission Configuration and select a namespace and action (Read only, Write only, or Read/write). You can add multiple permission configurations at a time or click Delete in the Operation column of a permission configuration to delete it.

The role also has the permissions configured here.
Click Create.

Editing a Role

Log in to CSE.
In the left navigation pane, choose Registry/Configuration Center.
Click the target Nacos engine with security authentication enabled.
Choose Permission Control.
On the Roles tab page, click Edit in the Operation column of the role to be edited.
Modify Namespace and Action based on service requirements.
Click Edit.

Deleting a Role

Log in to CSE.
In the left navigation pane, choose Registry/Configuration Center.
Click the target Nacos engine.
Choose Permission Control.
On the Roles tab, click Delete in the Operation column of the role to be deleted. In the displayed dialog box, enter DELETE and click OK.

Deleted roles cannot be restored. Exercise caution when performing this operation.