Hi all :wave:

We’re evaluating Pulp at my org. I’m not very familiar with how Pulp’s RBAC model works. Do pulp_rpm and pulp_deb currently offer RBAC?

Also, I found some plugin writer docs for RBAC. Are there any docs written for end users? Optimally, I’m hoping that they’d include the RBAC features, how to use RBAC, etc.

Thanks in advance.


Hi davidd,

Currently we are in the process of adding RBAC to all components of Pulp. We are still in the initial phase of this process, but we are going to be rolling out RBAC on a plugin by plugin basis. The first plugin in the rollout is pulp_file (our generic file plugin) and we plan to add RBAC to pulp_rpm right after. Our other plugins including pulp_deb will hopefully follow soon after these first two. We are also aware of the missing documentation and are planning to add user documentation for RBAC and its features.


Awesome, thank you for the update @gerrod.

I found these issues that I think will track the work:

Will follow them.


There is also the RBAC content guard available in pulpcore, if you are interested to guard access to the published content based on user roles.


@davidd I went to post some stuff about RBAC and came across this thread. I wanted to share that the pulp_rpm RBAC is in progress. RPM RBAC by pavelpicka · Pull Request #2418 · pulp/pulp_rpm · GitHub I believe tests are being added to it, but it’s mostly functional in that PR. Any feedback is welcome.


Not to forget that pulp_container used to have sort of RBAC for quite some time, now was released with the new pulpcore roles framework.

1 Like