-
Change Request
-
Resolution: Unresolved
-
Trivial
-
None
-
None
-
None
-
None
-
Zabbix 5.0.1
I wanted to tenant off Zabbix for multiple private environments. And with that comes security and visibility of neighboring information concerns.
Steps to reproduce:
- Create host groups intended for private tenancy and segregated permission sets of hosts, lets call this tenant A.
- create discovery rules for private tenant A and tenant B networks related to two different environments (which you want to keep private from each other)
- Elevate one user from private tenant A to Zabbix Admin, with the hosts permissions set to ALL = none , TENTANTA = READ
- Goto Configuration --> Discovery
- Tenant 1 Zabbix Admin can see the discovery rule for private tenant B and name etc.
Result:
Discovery rules are visible to ALL "Zabbix administrators", and not tied does by permissions of host group hierarchy
Ideal outcome:
Restrictions on discovery rules to be visible/relational to host groups in order to show/hide based on permissions sets.