Identity & RBAC
Rune has a small, explicit auth model:
- Subjects are users or services. Each subject has zero or more attached policies. Service subjects are non-human identities for CI/automation; see rune admin service.
- Tokens are bearer credentials issued to subjects. They look like rune_<uuid>.<uuid>. The token's secret is hashed with SHA-256; only the hash is stored.
- Policies are lists of rules. A rule grants (verbs) on (resource) in (namespace).
A request is allowed if any rule in any of the subject’s policies matches.
The request flow

```
                     ┌──────────────┐
Bearer token ───────▶│   authFunc   │── token lookup ──▶ subject_id
                     └──────┬───────┘
                            ▼
                     ┌──────────────┐
resource + verb ────▶│  rbac check  │── policy eval ───▶ allow / deny
namespace            └──────────────┘
```

If auth is disabled (auth.enabled: false in the runefile) the whole chain is bypassed. Don't run that way in production.
Policy schema

```yaml
name: editor-prod
description: Edit services in 'prod' namespace only
rules:
  - resource: service
    verbs: [get, list, watch, create, update, delete, scale, exec]
    namespace: prod
  - resource: secret
    verbs: [get, list]
    namespace: prod
```

| Field | Notes |
|---|---|
| resource | Resource type (service, instance, secret, configmap, namespace, …) or *. |
| verbs | List of verbs or ["*"]. |
| namespace | Specific namespace or * or empty (treated as *). |
Verbs map to RPCs:
| Verb | Maps to |
|---|---|
| get | Get* |
| list | List* |
| watch | streaming Watch* / StreamLogs |
| create | Create*, Cast* |
| update | Update* |
| delete | Delete* |
| scale | Scale*, Restart* |
| exec | Exec* |
| * | All of the above |
Built-in policies
Seeded at first boot:
| Policy | Rule |
|---|---|
| root | * on * in *; full access. Reserved for the bootstrap token. |
| admin | * on * in *. |
| readwrite | get/list/watch/create/update/delete/scale/exec on * in *. |
| readonly | get/list/watch on * in *. |
| cast | The minimum permissions a CI pipeline needs to deploy: write services + read instances/logs. |
Tokens
Tokens are issued for a subject:

```
rune admin token create alice-laptop \
  --subject-name alice \
  --policies readwrite \
  --ttl 720h
```

The plaintext secret is printed once. After that, only the SHA-256 hash is in the database.
| Property | Notes |
|---|---|
| Name | Human label. |
| SubjectID | The user's ID. |
| SubjectType | user for humans, service for CI/automation tokens (see rune admin service). |
| IssuedAt | When minted. |
| ExpiresAt | Optional; --ttl 0 for no expiry. |
| Revoked | If true, all requests fail. |
Revoke immediately:
```
rune admin token revoke <token-id>
```

Special cases
Bootstrap
The very first call to a fresh server is AdminBootstrap. It's the only RPC that doesn't require auth. After it succeeds, all future calls need a token.
Local-only admin
By default, all admin/* RPCs are gated to localhost on the server side. Toggle with auth.allow_remote_admin: true in the runefile. Don't enable this on a public address without TLS.
Streaming and namespaces
Note: today, streaming RPCs (logs, exec, watch) bypass namespace-scoped policy rules; only * namespace rules apply to streams. Treat namespace-scoped policies as protection for write APIs, not stream APIs. This is tracked as a hardening item.
Payload-shaped verbs
Some writes carry a privileged side-effect that's encoded in the request body rather than the RPC name. Rune gates these behind extra verbs in addition to the standard one for the RPC:
| Verb | Triggered by | Effect |
|---|---|---|
| storageclasses.set-default | StorageClass.default: true on create / update | Required on top of storageclasses.create / storageclasses.update. |
| services.privileged | securityContext.privileged: true or securityContext.seccompProfile.type: unconfined on the service or any init step | Required on top of services.create / services.update. Without it the server returns PermissionDenied: access denied for resource: services verb: privileged. |
The built-in readwrite policy grants the standard CRUD verbs on every resource but does not include set-default or privileged. Grant those to specific tokens or subjects (e.g. a platform-admin user managing the storage defaults, or a stateful-workload operator who needs seccomp=unconfined for an init step like TigerBeetle’s format) rather than handing out root.
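Added example, not Rune's own code: a Python model of the request flow (authFunc, then rbac check) and of the policy matching rules from the schema section, with the payload-shaped privileged verb layered on top of the standard RPC verb as this section describes. The token layout rune_<id>.<secret>, the body field names securityContext/initSteps, and the privileged-services policy are assumptions; all policies, subjects and tokens are constructed.

```python
import hashlib, hmac
# Constructed data in the page's policy schema (dicts stand in for the YAML files).
POLICIES = {
    "editor-prod": [{"resource": "service", "verbs": ["get", "list", "create", "update"], "namespace": "prod"},
                    {"resource": "secret", "verbs": ["get", "list"], "namespace": ""}],  # empty ns == *
    # hypothetical policy carrying only the payload-shaped verb (not one of Rune's built-ins)
    "privileged-services": [{"resource": "service", "verbs": ["privileged"], "namespace": "*"}],
}
SUBJECTS = {"alice": ["editor-prod"], "ops": ["editor-prod", "privileged-services"]}
TOKENS = {}          # token id -> record; only the SHA-256 of the secret is stored, never the secret
NOW = 1_700_000_000  # constructed "current time" (unix seconds) so expiry checks are deterministic

def mint(token_id, secret, subject_id, ttl=None):
    # ttl=None mirrors --ttl 0 (no expiry); returns the bearer string the CLI prints once
    TOKENS[token_id] = {"subject_id": subject_id, "revoked": False,
                        "secret_hash": hashlib.sha256(secret.encode()).hexdigest(),
                        "expires_at": None if ttl is None else NOW + ttl}
    return f"rune_{token_id}.{secret}"

def authenticate(bearer, now=NOW):
    # authFunc: bearer -> subject_id or None. Assumes rune_<id>.<secret> splits at the first dot.
    head, _, secret = bearer.partition(".")
    rec = TOKENS.get(head[5:]) if head.startswith("rune_") else None
    if rec is None or rec["revoked"] or (rec["expires_at"] is not None and now >= rec["expires_at"]):
        return None
    presented = hashlib.sha256(secret.encode()).hexdigest()
    return rec["subject_id"] if hmac.compare_digest(rec["secret_hash"], presented) else None

def rule_matches(rule, resource, verb, namespace):
    return (rule["resource"] in ("*", resource) and ("*" in rule["verbs"] or verb in rule["verbs"])
            and (rule.get("namespace") or "*") in ("*", namespace))  # empty namespace acts as *

def required_verbs(verb, body):
    # Standard RPC verb plus the payload-shaped extra; body field names are assumed, not Rune's.
    steps = [body] + body.get("initSteps", [])
    privileged = any(s.get("securityContext", {}).get("privileged") is True or
                     s.get("securityContext", {}).get("seccompProfile", {}).get("type") == "unconfined"
                     for s in steps)
    return [verb, "privileged"] if privileged else [verb]

def authorize(bearer, resource, verb, namespace, body=None):
    # rbac check: every required verb must match some rule in some policy of the subject
    subject = authenticate(bearer)
    if subject is None:
        return "Unauthenticated"
    rules = [r for p in SUBJECTS.get(subject, []) for r in POLICIES[p]]
    for v in required_verbs(verb, body or {}):
        if not any(rule_matches(r, resource, v, namespace) for r in rules):
            return f"PermissionDenied: access denied for resource: {resource} verb: {v}"
    return "allow"
```

The streaming caveat above (namespace-scoped rules ignored for stream RPCs) is deliberately not modelled here; this evaluator applies namespaces to every verb.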
Recipes
Read-only auditor

```yaml
name: auditor
rules:
  - resource: "*"
    verbs: [get, list, watch]
    namespace: "*"
```

Per-namespace deploy bot

```yaml
name: prod-deploy-bot
rules:
  - resource: service
    verbs: [get, list, watch, create, update, scale]
    namespace: prod
  - resource: secret
    verbs: [get, list]
    namespace: prod
  - resource: configmap
    verbs: [get, list, create, update]
    namespace: prod
```

Exec-only on-call

```yaml
name: oncall-exec
rules:
  - resource: service
    verbs: [get, list, watch, exec]
    namespace: "*"
  - resource: instance
    verbs: [get, list, watch, exec]
    namespace: "*"
```

Inspecting

```
rune whoami                      # who am I and what policies do I have
rune admin user list
rune admin policy list
rune admin policy get readwrite
rune admin token list
```