netbox-secrets
[Feature]: Adding a group to secrets
NetBox version
v4.1.5
Feature type
Add a function
Proposed functionality
Add a 'Group' field in 'Secret' to be able to limit certain passwords to groups
Use case
Let's imagine I want to set a password for the 'root' user of my machine that is only visible to system administrators, and set a password for the 'dev' user that is only visible to developers.
External dependencies
None
Aren't you able to achieve this using roles?
I did a test key to my server, how do I now restrict the password so only server admins can view the password but company admins can't?
I tried looking through netbox permissions but could not find anything to restrict password viewing to certain user groups.
@abhi1693 I read your comment about roles. Do you mean to create a permission for viewing secrets with a constraint like {"role": 2}? If I understand correctly, all secrets are encrypted using the same master key, is that right? So even with a constraint like that, any user with a valid user key and access to the Postgres database would be able to decrypt all secrets.
@llamafilm Having a group still does not solve the issue. This plugin does not help to secure the DB, you will have to do that on your own. If you have ideas on how to improve the security, feel free to open a new feature request with the details.
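Added example, not part of the original thread and not the plugin's code: a small model of the distinction discussed above between a permission constraint such as {"role": 2} and what a key can decrypt. It assumes the design described in the question (one master key for all secrets) plus a per-user wrapped copy of that key; the cipher is a toy stand-in, and all names, rows and values are constructed.

```python
import hashlib
import hmac
import os

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy cipher (HMAC-SHA256 keystream) standing in for the real encryption.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    return nonce + _xor_stream(key, nonce, plaintext)

def unseal(key: bytes, blob: bytes) -> bytes:
    return _xor_stream(key, blob[:16], blob[16:])

MASTER_KEY = os.urandom(32)  # assumption: one key encrypts every secret

# Constructed sample rows, as they would sit in the database.
SECRET_ROWS = [
    {"name": "root", "role": 2, "ciphertext": seal(MASTER_KEY, b"root-password")},
    {"name": "dev", "role": 3, "ciphertext": seal(MASTER_KEY, b"dev-password")},
]

# Assumption: each user stores the master key wrapped under their own user key.
USER_KEYS = {"sysadmin": os.urandom(32), "developer": os.urandom(32)}
WRAPPED_MASTER = {u: seal(k, MASTER_KEY) for u, k in USER_KEYS.items()}

# Permission constraints in the {"role": 2} form asked about in the thread.
CONSTRAINTS = {"sysadmin": {"role": 2}, "developer": {"role": 3}}

def _decrypt(user: str, rows: list) -> dict:
    master = unseal(USER_KEYS[user], WRAPPED_MASTER[user])
    return {r["name"]: unseal(master, r["ciphertext"]).decode() for r in rows}

def view_through_application(user: str) -> dict:
    """Rows are filtered by the permission constraint before decryption."""
    want = CONSTRAINTS[user]
    rows = [r for r in SECRET_ROWS if all(r[f] == v for f, v in want.items())]
    return _decrypt(user, rows)

def view_with_database_access(user: str) -> dict:
    """No constraint is evaluated on a direct table read; the key opens every row."""
    return _decrypt(user, SECRET_ROWS)
```

In this model the constraint narrows what the application returns, not what the key material can decrypt, so read access to the secrets table has to be restricted separately at the database.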