What are constraints?

Constraints are part of the RBAC. They are added to team policy rules to set restrictions on teams.

Types of constraints

You can add these types of constraints:

The following team policy rules support constraints:


If you add a constraint to a team policy rule with the "ALL" action, the constraints will automatically be added to all types of actions (CREATE, EDIT, RESIZE).

How to add constraints

To add restrictions you first need to have a team. Visit the RBAC documentation page for more information on how to make a team

Then, follow these steps:

1. Make sure you belong to the owners team

2. Go to the teams page, then click on the team you want to set constraints on. (You can only add constraints on team policy rules with the "allow" operator.)

3. Click the gear icon next to an RBAC policy that applies to machines.

Edit Constraints

4. Enter your constraints in JSON format in the code editor that opens up and click "Save" when you are finished.

5. After save your constraints, click "Save policy" for the changes to take effect


Here is an example of a set of constraints. For a detailed explanation, visit the documentation page for each type of constraint. 

      "msg":"Contact Joe for help"

Please keep in mind that constraints are supported in Mist v4.2 and later. Also, they are available only in Mist Hosted Service (HS) and Mist Enterprise Edition (EE).

Still need help? Contact Us Contact Us