RBAC groups Enterprise
With user groups, you can assign role bindings to the users of your organization in bulk.
Groups are available for Nobl9 Enterprise Edition customers who have configured the SCIM synchronization with their Identity Provider (IdP), for example, Azure AD or Okta.
Permission aggregation: Nobl9 RBAC uses an additive permission model. Users gain permissions from all their role assignments. Adding a user to a group with a different role does not replace their existing permissions; instead, it adds the new role's permissions to their existing ones. Permissions acquired through group membership cannot be revoked by individual assignments.
Importing RBAC groups
To create a user group in Nobl9, an Organization admin synchronizes the group data from the organization's IdP. After a successful Nobl9 SCIM-IdP synchronization, an Organization admin can view the group in Nobl9.
Organization admins can set role bindings for the imported groups from an IdP on the Nobl9 Web or using the sloctl apply
command for the group RoleBindings
.
To view the created group on the Nobl9 Web, Organization admins go to Settings > Groups:

Click a group to open its details and view the group's identification information, its origin, and associated users and roles:

To assign a project to your group, open Projects & roles. Click

To assign an organization role to the group, click Organization roles and select the required role:

You can view user groups assigned to a specific project under the required project details > the Groups tab:

All users group
Every organization with the
The All users group is listed under the Settings > Groups tab, along with other groups.
It's always on the top of the list and is marked by .
For organizations without SCIM integration, this is the only group available in the Groups tab.