Kyverno Permissions Backend Plugin#
Overview#
The Kyverno Permissions backend plugin provides integration with Backstage's permission framework to enable fine-grained access control for Kyverno policy reports. This plugin ensures secure and controlled access to policy information within your Backstage instance.
Features#
Permission Management#
- Integration with Backstage's permission framework
- Fine-grained access control for policy reports
- Configurable permission policies
Access Control#
- Policy report viewing permissions
- YAML manifest access control
- Overview data access management
API Integration#
- Secure endpoints for policy data
- Permission validation middleware
- Integration with frontend components
Technical Details#
Available Permissions#
The plugin provides three main permission types:
-
Overview Access (
kyverno.overview.view)- Access to summary policy report data
- High-level compliance metrics
- Component status overview
-
Report Access (
kyverno.reports.view)- Access to detailed policy reports
- Resource-specific compliance data
- Policy violation details
-
Policy YAML Access (
kyverno.policy.view-yaml)- Access to policy YAML manifests
- Policy configuration details
- Rule specifications
Integration Points#
- Backstage Permission Framework
- Kyverno Policy Reports Frontend
- Kubernetes API Server
- Backstage Catalog
Security Considerations#
- Role-based access control
- Permission validation
- Secure data handling
- Audit trail capabilities