This guide explains how to configure single sign-on (SSO) support for NetBox Cloud using Microsoft Azure Active Directory (AD) as an authentication backend.
-Create a test user (optional) -Create a new user in AD to be used for testing. You can skip this step if you already have a suitable account created.
-Create an app registration -Under the Azure Active Directory dashboard, navigate to Add > App registration.
-
Enter a name for the registration (e.g. "NetBox Cloud") and ensure that the "single tenant" option is selected.
-Under "Redirect URI", select "Web" for the platform and enter the path to your NetBox Cloud installation, ending with /oauth/complete/azuread-oauth2/.
-Eg. https://{your-domain}.cloud.netboxapp.com/oauth/complete/azuread-oauth2/
-
Once finished, make note of the application (client) ID; this will be used when configuring NetBox Cloud.
-
Multitenant authentication
-NetBox also supports multitenant authentication via Azure AD, however it requires a different backend and an additional configuration parameter. Please see the python-social-auth documentation for details concerning multitenant authentication.
Create a secret
-When viewing the newly-created app registration, click the "Add a certificate or secret" link under "Client credentials". Under the "Client secrets" tab, click the "New client secret" button.
-
You can optionally specify a description and select a lifetime for the secret.
-
Once finished, make note of the secret value (not the secret ID); this will be used when configuring NetBox Cloud.
-
Securely share the following configuration parameters with NetBox Labs Support, substituting your own values:
-REMOTE_AUTH_BACKEND = 'social_core.backends.azuread.AzureADOAuth2' -SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = '{APPLICATION_ID}' -SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = '{SECRET_VALUE}'
-The support team will add these parameters to your NetBox Cloud instance and confirm when this is ready for testing.
-Log out of NetBox Cloud if already authenticated, and click the "Log In" button at top right. You should see the normal login form as well as an option to authenticate using Azure AD. Click that link.
-
You should be redirected to Microsoft's authentication portal. Enter the username/email and password of your account to continue. You may also be prompted to grant this application access to your account.
-
If successful, you will be redirected back to the NetBox Cloud UI, and will be logged in as the AD user. You can verify this by navigating to your profile (using the button at top right).
-This user account has been replicated locally to NetBox Cloud, and can now be assigned groups and permissions within the NetBox Cloud admin UI.
-Azure requires that the authenticating client request a redirect URI that matches what you've configured for the app in step two. This URI must begin with https://
-If you are redirected to the NetBox Cloud UI after authenticating successfully, but are not logged in, double-check the configured backend and app registration. The instructions in this guide pertain only to the azuread.AzureADOAuth2 backend using a single-tenant app registration.
Upgrade your Single Sign-On experience with Group Mapping for Azure SSO – a smarter, more secure way to manage user access. The Group Mapping feature for Azure Single Sign-On, streamlines the synchronization of group memberships from Azure Active Directory to groups in NetBox Cloud, allowing you to align your user access efficiently and accurately.
-Info
-This feature is only available in Pro/Enterprise tiers.
-Changes in Azure Active Directory groups are reflected in NetBox Cloud, ensuring up-to-date access management and enhanced security. You can tailor the group mapping to your organizational needs while maintaining strict security and compliance standards.
-If you are already securing access to NetBox Cloud using Azure AD for SSO, and would like use the Group Mapping feature it's easy to get set up. Simply create your groups and permissions in NetBox Cloud, then set up your groups in Azure AD and reach out to the support team at NetBox Labs and we will take care of the group mappings for you to suit your requirements.
-Note
-We’ve made some important updates to the Azure AD user group sync feature that may affect group memberships and permissions of Azure AD SSO users accessing NetBox Cloud. To support enterprise Azure AD environments, we’ve added pagination to retrieve large lists (100+) of membership groups for users. To support NetBox group assignments from Azure nested groups, we’ve changed the Azure API endpoint used for group retrieval from memberOf to transitiveMemberOf.
This means that users will now be made members of NetBox user groups based on the configured group mappings for both direct membership Azure groups and transitive Azure groups (parent groups of direct membership groups). Under specific conditions, users may gain additional group memberships and permissions. We strongly advise you review your NetBox Cloud and Azure AD user, group and permission configurations to ensure they align to your security requirements.
-Watch the video below for a step-by-step example of how the Group Mapping feature works, or read on for an explanation.
- - -Group mappings are based on the Object ID of the group in Azure AD. For example:
-
The Object ID is mapped to a group in NetBox Cloud, and that group could have permissions assigned to it. For example, this group called CircuitManager in NetBox Cloud has permissions assigned to it that allows members of the group to manage all of the Circuit and Provider object types:
-
Optionally, members of the Azure AD groups can also be members of the NetBox built-in groups Staff which allows access to the NetBox admin interface, and Superuser which has all permissions without explicitly assigning them.
-The NetBox Labs support team will map your Azure AD Group Object ID's to your NetBox Cloud groups, for example:
-| Azure AD Group Object ID | -NetBox Cloud Group | -Staff | -Super User | -
|---|---|---|---|
| 1a36bed9-3bdc-4970-ab66-faf9704e0af4 | -Circuit Manager | -Yes | -No | -
Simply provide us with your requirements in terms of object IDs and NetBox groups and we will take care of the rest.
-If you have any questions about Group Mapping for Azure AD Single Sign-On (SSO), please raise a support ticket by emailing the NetBox Labs Support Team.
- - - - - - - - - - - - - - - -From within the NetBox Cloud Web Interface, you can easily switch to the NetBox Labs Console. Simply follow the steps outlined below:
-In the left hand main menu, click to expand the NetBox Labs plugin menu, and then click on Open Console:
-
You will now be taken to the NetBox Labs Console login page:
-
Note If you don't already have access to the console, you can request this by clicking on Request Console Access in the NetBox Labs plugin menu from the main NetBox Cloud web interface, and then clicking the link to email the NetBox Labs Support Team to request access.
-
If you encounter any issues when accessing the NetBox Labs Console, raise a support ticket by emailing the NetBox Labs Support Team
-Request access to the NetBox Labs Console by emailing the NetBox Labs Support Team.
-The NetBox Cloud team will set up your account with your email address as the username, and you will use this to access the NetBox Labs Console. To complete the set up of your account, follow these steps:
-You will receive an email advising you of your username, along with a temporary password and a link to the console URL. Click the link to login
-Enter the username (your email address) and the temporary password as per the email, and click ‘Sign in’:
-
You will then be prompted to change your password:
-
The set up is now complete and you are logged into the NetBox Labs Console. You will see (and be able to administer) all the NetBox Cloud instances running under your Organization.
-
To retrieve the credentials for the admin user of a NetBox Cloud instance, either click to reveal or copy them from the Credentials section:
-
Then click the on either of the two links to open the URL of the instance in a new browser window:
-
Lastly, login to the NetBox Cloud UI with the username and password you have copied from step 5:
-
To access your NetBox Cloud Administrative Console, follow these steps:
-Click on the arrow next your Organization Name and then click on the Namespace ID
-
Next scroll down and click on the NetBox panel, and then click on the NetBox ID link to launch the Administrative console
-
This compressed full page screenshot breaks the full Administrative Console down into similar sections. Each section is designed to give you greater insight to your NetBox instance.
-
The Information Panel provides a view of basic information relating to your NetBox Cloud instance. Here you will find the name of your NetBox Cloud instance within your Organization's Namespace, along with the AWS Region and the NetBox version. You also have a link to the instance raw URL, plus a refresh button for the instance data.
-
The NetBox Deployment panel lists various service and configuration status points. Included will be the current version, and version upgrade controls, the number of instance replicas, and resource allocations. The instance image and namespace are also listed here.
-The Secrets section provides access to the current secret credentials for the instance API Token, local “admin” user account and Secret Key. When the Administrative Console initially loads these values will be hidden.
-
The Ingress pannel gives the Name, Domain and DNS Name information for the NetBox Cloud instance, as well as the number of Ingress Pods and the Load Balancer status.
-
The Storage Panel contains information on the storage bucket, user, and access key ID. Clicking the open eye will reveal the Access Key secret details.
-
The Postgres Database panel (left) gives the current status of the database, along with details of the host, username and database name for the instance. Clicking the open eye will reveal the Postrges Database secret details.
-The Postgres panel (right) gives the number of database instances, their status, instance names, version, Aurora capacity unit consumption, current configured backup retention period, and security group IDs. Clicking the open eye will reveal the Postrges secret details.
-
The Redis Database panel (left) gives the name, status, host, user, and ID of the Main and Cache Redis databases.
-The Redis panel (right) gives the name, status, resource, image and version information for the Redis instance. Clicking the open eye will reveal the Redis secret details.
-
If the Ingress Allow List is configured, then inbound Web/API traffic will only be permitted to either IPv4 or IPv6 CIDR ranges listed on the Ingress Allow List.
-
This NetBox Configmap ENV allows you to view or manage the underlying variables for the instance
-
The NetBox Startup Configmaps (redacted screenshot) allows you to view or manage the underlying configmaps for the instance.
-
The Pods screen allows you to view the underlying composition of the instance. This includes versions, operational status, vCPU and Memory information.
-The NetBox Cloud Free Plan is perfect for small networks, lab environments, and targeted use cases. It includes up to 100 devices, 500 IP addresses, 10k API requests/month, and 2 operational branches.
-The following features are enabled in the NetBox Cloud Free Plan:
-If you need more, or you need features like advanced SSO, Plugins, Webhooks, Custom Scripts, Custom Hostnames, the ability to work with backups, commercial support, and more, check out our paid plans.
- - - - - - - - - - - - - - - -Info
-Current functionality of the Hostnames Manager is limited to viewing Hostnames along with their associated NetBox Cloud instances and categories. Enhanced functionality to manage Hostnames is coming soon in a future release.
-From within the NetBox Labs Console click on Settings in the left-hand main menu to manage the settings for your Organization:
-
Click to expand Hostnames Manager
-
From here you can view the Hostnames configured for your organization. Under NetBox you can see which NetBox instance is associated with a given hostname, and what Category the hostname is:
-
Hostname categories are defined as follows:
-| Category | -Definition | -
|---|---|
platform random |
-A randomly generated hostname created when a new NetBox Cloud instance is created, usually as a trial. | -
platform custom |
-A custom hostname on the NetBox cloud platform eg. abcwidgets.cloud.netboxapp.com |
-
org custom |
-A custom hostname defined by your organization eg. netbox-prod.abcwidgets.com |
-
Organization Custom Hostnames are available in NetBox Cloud Professional and Enterprise plans, and if you would like to set one up please raise a support ticket by emailing the NetBox Labs Support Team.
-Note
-Organization Custom Hostnames are not available for Starter plans. For more information about pricing plans click here
-From within the NetBox Labs Console, you can easily view installed NetBox Cloud Plugins, along with their Scope and Version number. Simply follow these steps:
-From within the NetBox Labs Console click on the three dots in the top right corner of the NetBox Instance panel, and click manage
-
Click on Plugins to view the installed Plugins:
-
View the list of installed Plugins, their scopes and version numbers:
-
Info
-There are two types of plugin scope - public for any plugins that are publicly available and organization for custom plugins.
-Upgrade your Single Sign-On experience with Group Mapping for Okta SSO – a smarter, more secure way to manage user access. The Group Mapping feature for Okta Single Sign-On, streamlines the synchronization of group memberships from Okta to groups in NetBox Cloud, allowing you to align your user access efficiently and accurately.
-Changes in Okta groups are reflected in NetBox Cloud, ensuring up-to-date access management and enhanced security. You can tailor the group mapping to your organizational needs while maintaining strict security and compliance standards.
-If you are already securing access to NetBox Cloud using Okta for SSO, and would like use the Group Mapping feature it's easy to get set up. Simply create your groups and permissions in NetBox Cloud, then set up your groups in Okta and reach out to the support team at NetBox Labs and we will take care of the group mappings for you to suit your requirements.
---ℹ️ Note
-This feature is only available in Pro/Enterprise tiers.
-
Group mappings are based on the name of the group in Okta, which is mapped to a group in NetBox Cloud, and that group could have permissions assigned to it. For example, this group called CircuitManager in NetBox Cloud has permissions assigned to it that allows members of the group to manage all of the Circuit and Provider object types:
-
Optionally, members of the Okta groups can also be members of the NetBox built-in groups Staff which allows access to the NetBox admin interface, and Superuser which has all permissions without explicitly assigning them.
-The NetBox Labs support team will map your Okta group names to your NetBox Cloud groups, for example:
-| Okta Group Name | -NetBox Cloud Group | -Staff | -Super User | -
|---|---|---|---|
| NetBox-Circuit-Mgrs | -Circuit Manager | -Yes | -No | -
Simply provide us with your requirements in terms of Okta group names and NetBox groups and we will take care of the rest.
-If you have any questions about Group Mapping for Okta Sign-On (SSO), please raise a support ticket by emailing the NetBox Labs Support Team.
- - - - - - - - - - - - - - - -This guide explains how to configure single sign-on (SSO) support for NetBox Cloud using Okta as an authentication backend.
-Note that Okta offers free developer accounts
-Create a test user (optional) -Create a new user in the Okta admin portal to be used for testing. You can skip this step if you already have a suitable account created.
-Create an app registration -Within the Okta administration dashboard, navigate to Applications > Applications, and click the "Create App Integration" button. Select "OIDC" as the sign-in method, and "Web application" for the application type.
-
On the next page, give the app integration a name (e.g. "NetBox Cloud") and specify the sign-in and sign-out URIs. These URIs should follow the formats below:
-
Under "Assignments," select the controlled access setting most appropriate for your organization. Click "Save" to complete the creation.
-Once finished, note the following parameters. These will be used to configured NetBox Cloud.
-
Securely share the following configuration parameters with NetBox Labs Support, substituting your own values:
-REMOTE_AUTH_BACKEND = 'social_core.backends.okta_openidconnect.OktaOpenIdConnect' -SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY = '{Client ID}' -SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET = '{Client secret}' -SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL = 'https://{Okta domain}/oauth2/'
-The support team will add these parameters to your NetBox Cloud instance and confirm when this is ready for testing.
-Log out of NetBox Cloud if already authenticated, and click the "Log In" button at top right. You should see the normal login form as well as an option to authenticate using Okta. Click that link.
-
You should be redirected to Okta's authentication portal. Enter the username/email and password of your test account to continue. You may also be prompted to grant this application access to your account.
-
If successful, you will be redirected back to the NetBox Cloud UI, and will be logged in as the Okta user. You can verify this by navigating to your profile (using the button at top right).
-This user account has been replicated locally to NetBox Cloud, and can now be assigned groups and permissions within the NetBox Cloud admin UI.
- - - - - - - - - - - - - - - -You can secure access to your NetBox Cloud instance by adding IPv4 and IPv6 addresses and ranges to Prefix Lists, which can then be applied to NetBox instances to control which source IPs your instances will accept connections from.
-The following features are available in the NetBox Labs Admin Console when working with prefix lists:
-There is also large list support (~15K prefixes) and separate prefixes can be applied to the NetBox Cloud UI, API and GraphQL interfaces.
-Note
-When you have built your prefix lists in the Admin Console, raise a support ticket by emailing the NetBox Labs Support Team and we will apply them to your NetBox Cloud instances.
-Watch this quick video or follow the steps outlined below to start managing your prefix lists:
- - -From within the Admin Console, navigate to Settings in the left-hand menu
-
Scroll down and click to expand the Prefix List section, and then click on Create Prefix List on the right hand side to start the wizard:
-
Give the prefix list a name and then click CREATE PREFIX LIST:
-
Enter the first prefix and give it a description. If you wish to add additional prefixes then you can also do that here by clicking + ADD ADDITIONAL PREFIX, then when you are happy click CREATE PREFIXES.
-Note - if you wish to add the IP address that you are currently using then click Use Current IP Address and this will add it to the prefix list:
-
You can then view the prefix list from within Settings > Prefix List:
-
From within the Admin Console, navigate to Settings in the left-hand menu
-
Scroll down and click to expand the Prefix List section, and then click on Create Prefix List on the right hand side to start the wizard:
-
Give the prefix list a name and then select the Yes radio button to sync the prefix list from a NetBox. Then select the NetBox instance you wish to sync from, specify the NetBox Tag that you wish to use, and then click CREATE PREFIX LIST:
-
Switch to your NetBox instance, and go to Customization > Tags and create the required tag(s) to be applied to any prefixes that are to be synchronized to the Prefix List:
-
Under IPAM > Prefixes add the prefixes, give them a description and tag them with the appropriate tag:
-
You can then view the prefixes in NetBox under IPAM > Prefixes (Tip - filter on the tag):
-
Switch back to the Admin Console to view the prefix list from within Settings > Prefix List. Note - it can take a few minutes for the prefix list to be fully synchronized from NetBox.
-
Note - this only works for prefix lists that are not synchronized with a NetBox. To edit NetBox synchronized prefix lists you should make the edits within NetBox.
-From within the Admin Console, navigate to Settings in the left-hand menu, and then scroll down and click to expand the Prefix List section. Then click on the name of the prefix list you wish to edit:
-
To add more prefixes to the list, click on Create Prefix and then follow the wizard again to add more prefixes.
-To edit a prefix, click EDIT and then make your required changes and then click EDIT PREFIX to save your changes:
-
To delete a prefix, click DELETE and then if you are sure you wish to delete the prefix, click DELETE PREFIX when prompted:
-
Note - in order for a prefix list to be deleted it must first be detached from any NetBox instances that it is securing. You will need to contact support and request this before you can delete it.
-From within the Admin Console, navigate to Settings in the left-hand menu, and then scroll down and click to expand the Prefix List section. Then click on the name of the prefix list you wish to delete, and click DELETE PREFIX LIST:
-
If you are sure you wish to delete the prefix list then click DELETE PREFIX LIST when you are prompted to confirm the deletion:
-
If you encounter any issues while working with the IP Allow List raise a support ticket by emailing the NetBox Labs Support Team
- - - - - - - - - - - - - - - -The Public IP addresses that outbound traffic from your NetBox Cloud instance (eg. webhooks) will be seen to be originating from are listed below. This will vary depending on the region that your instance is located in.
-You can whitelist these IP ranges so that inbound access from your NetBox Cloud instance(s) is restricted to just these addresses:
-IPv4 -
3.225.69.195
-3.233.255.24
-34.231.51.53
-IPv6 -
2600:1f18:462e:4c00::/56
-IPv4 -
108.128.2.233
-3.252.161.89
-46.51.185.39
-IPv6
-2a05:d018:1128:7a00::/56
-IPv4 -
13.42.148.73
-18.132.136.73
-18.132.221.240
-IPv6 -
2a05:d01c:11e:a800::/56
-For NetBox Cloud Enterprise customers we offer dedicated IP addresses for accessing the UI and API. Please speak to your account representative for more information.
-
-Please don’t hesitate to reach out to the NetBox Labs Support Team if you have any questions about this or anything else regarding NetBox Cloud.
To log into a NetBox Cloud instance with the admin username and password, you first need to login to the NetBox Labs Console and then retrieve the credentials. Follow these steps:
-Login to NetBox Labs Console and you will see (and be able to administer) all the NetBox Cloud instances running under your Organization.
-
To retrieve the credentials for the admin user of a NetBox Cloud instance, either click to reveal or copy them from the Credentials section:
-
Then click the on either of the two links to open the URL of the instance in a new browser window:
-
Lastly, login to the NetBox Cloud UI with the username and password you have copied from step 2:
-
From within the NetBox Labs Console you can easily enable and disable two-factor authentication (2FA) on a per-user basis.
-Watch this quick video or follow the steps outlined below:
- - -Login to the NetBox Labs Console and then click on the down arrow (top-right) and select Setup Two-Factor.
-
Follow the on-screen instructions and scan the QR code with your Authenticator App of choice (eg. Google Authenticator):
-
Enter the code from your authenticator app and click confirm:
-
Click on the X in the top-right corner to close the dialog box:
-
Click on the down arrow (top-right) and select Sign Out:
-
Log back into the console with your username and password and then when prompted, enter the TOTP code generated by your authenticator app, and click Confirm
-
Login to the NetBox Labs Console and then click on the down arrow (top-right) and select Setup Two-Factor.
-
Enter the TOTP Code from your authenticator app and click Disable.
-
In the dialog box, note that Two-factor authentication is now disabled and close the dialog box.
-
If you encounter any issues while working with two-factor authentication, please raise a support ticket by emailing the NetBox Labs Support Team
- - - - - - - - - - - - - - - -To safely and easily upgrade your NetBox Cloud instance without worrying about any Plugin compatibility issues, follow the steps outlined below or watch the video instructions:
- - -In the NetBox Labs Console, click on the three dots in the top right corner of the instance you wish to upgrade and click Manage. Note the current NetBox version in this example is 3.5.1.
-
Then click on the down arrow next to Plugins and note any installed plugins and their versions:
-
Next, click on the down arrow next to Version Upgrade:
-
The Safe Upgrade tool will present you with the potential and recommended versions you can upgrade to. You will see the version number, the status, and the whether or not installed plugins are compatible with the target NetBox version, plus a link to the release notes for that version.
-
Note that in this case the NetBox BGP and NetBox Topology Views plugins are at a version that is compatible with NetBox version 3.5.9. All versions higher than this (up to 3.6.6) will require an upgrade to the plugins also, but don't worry the safe upgrade tool will handle all of that for you.
-Also note that we could upgrade to any of the other potential options, but that the Safe Upgrade tool is recommending an upgrade to version 3.6.6, and if we select this option, both the plugins will be automatically upgraded to compatible versions as part of the upgrade process.
-Note too that if a plugin is not compatible with a certain NetBox version then you will see a warning like this:
-
In this case you would not be able to upgrade to this version, and the tool will not let you select it. In these cases it can mean that the plugin developer has not yet released an updated version of the plugin that is compatible with that particular version of NetBox.
-Next, select the version you wish to upgrade to, and in this example we will select the recommended version 3.6.6, and then click on UPGRADE VERSION:
-
Click on Continue if you are sure you want to go ahead with the upgrade:
-
You will then see a dialog box confirming the upgrade is in progress:
-
A few seconds later you will see that your NetBox Cloud upgrade is now complete and you will see the new version number:
-
Finally, if you check Plugins again, you will now see the updated versions of the plugins:
-
If you encounter any issues while performing the upgrades or have any questions, please raise a support ticket by emailing the NetBox Labs Support Team
- - - - - - - - - - - - - - - -Within the NetBox Labs Console you can access the backups of your NetBox Cloud database, and are able to perform the following actions:
-Watch this quick video or follow the steps outlined below to get started:
- - -Login to the NetBox Labs Console and then click on the three dots in the top-right corner of the instance you wish to manage and click Manage:
-
Scroll down to the Backup and Restore panel expand it to view the list of available backups:
-
From within the Backup and Restore panel click on Back Up Now, on the right-hand side:
-
Click CONTINUE to confirm that you want to backup of the current version of NetBox Cloud
-
After a short while you will see the On Demand backup you just created appear in the list of available backups:
-
Locate the backup file you wish to retrieve, and click on the Download icon:
-
The download will then be prepared:
-
Once the backup file has been prepared it will automatically be downloaded into the Downloads directory on your local computer's file system. Note the file is a gzip compressed archive of the SQL database file so it will end in .sql.gz.
Identify the database backup you wish to restore from, and click Restore:
-
Click CONTINUE if you are sure you wish to restore the selected backup:
-
The restore process will take place in the background, and depending on the size of the database should take no longer than a few minutes to complete. Once the restore has completed, you can click on See Restore History to view the list of database restores, and you will see your completed restore listed:
-
Your database restore is now complete.
-Info
-Once the database restore is complete your NetBox Cloud instance will restart, and you may briefly see a 503 - Service Unavailable message when you browse to the Web interface. This is normal and will clear after a short while, after which you can log in again.
Also, please be aware that the NetBox changelog will be empty when you first log in after a database restore.
-If you encounter any issues while working with database backups raise a support ticket by emailing the NetBox Labs Support Team
- - - - - - - - - - - - - - - -This document will help you get up and running with NetBox Cloud quickly. It highlights all the unique features provided by NetBox Cloud.
-NetBox Cloud is a managed deployment of the open source NetBox application, extended to improve user experience and maintained by NetBox Labs. NetBox Cloud provides all the power of NetBox without the burden of installation and long-term maintenance.
-All the NetBox Cloud features within the user interface (UI) are found under the "Cloud" heading of the navigation menu:
-
NetBox supports many configuration parameters that affect how it functions. There are two areas of the UI in which these parameters can be adjusted.
-The first area is under the administrative interface. To access this interface, you must be logged into NetBox as a user with administrator privileges. Navigate to the admin UI by expanding the user menu at top right and clicking the "Admin" link. Then, navigate to Extras > Config revisions > Add.
This form will allow you to set various configuration parameters. Once the desired configurations have been made, you may optionally provide a comment as to why the changes were made, and click the "Save" button. This will create a new revision of NetBox's configuration.
-Configuration changes made via the admin UI take effect immediately. If you would like to revert your changes at any point, you can do so within the admin UI by locating the desired previous revision and clicking the "Restore" button to its right.
-You may notice that some configuration parameters are not present from the configuration form in the admin UI. This is because these are not supported by NetBox as dynamic configuration parameters: They can be modified only by altering NetBox's configuration file. Such settings include: -- User authentication (including SSO) -- Enabling & configuring plugins -- Time & date formatting
-NetBox Cloud exposes these configuration parameters through its own interface, which can be reached by navigating to Cloud > Administration > Configuration.
Once the desired configuration parameters have been set, click the "Save & Restart" button. Note that the application of these changes does require a restart of some NetBox Cloud services, and access to the NetBox Cloud UI and API may be interrupted briefly.
-NetBox Cloud currently supports single sign-on (SSO) authentication for the following providers:
-We are implementing support for additional backends as customers request them. If you have a need for a specific authentication backend, please let us know.
-To enable SSO, select the desired backend and provide the required configuration parameters under the appropriate tab. For information on configuring your specific backend service, you can consult the SSO configuration guides in the NetBox documentation, or contact NetBox Labs for assistance.
- - - - - - - - - - - - - - - -Migrating from an on-premises NetBox open source instance to a NetBox Labs NetBox Cloud environment is a straightforward -process. Since NetBox Cloud is built using the same open source software you’re already using, most imports can be -completed quickly for a timely cutover. This checklist will walk you through the steps, highlighting mandatory and optional -points in the process.
-Navigate to your NetBox portal login page to view the version of NetBox you are running. You can also find this information -within the application. This helps the NetBox team understand which upgrade path is required for your data.
-Use the following command to export your existing NetBox database:
-pg_dump --no-owner --no-privileges --username [netbox] --password --host [localhost] [netbox] > [netbox.sql]
---Warning -Inform the NetBox Labs team if you used any additional flags for the pg_dump command, or if you exported the data to a -different format.
-
Optionally, if you are storing images inside NetBox, use the command below to archive your media directory. Note that the -example below shows the default file path. Update the path if you have changed the location of these files.
-tar -czf netbox_media.tar.gz /opt/netbox/netbox/media/
-Optionally, if you have uploaded custom scripts to NetBox, use the command below to archive your scripts directory. Note that -the example below shows the default file path. Update the path if you have changed the location of these files.
-tar -czf netbox_scripts.tar.gz /opt/netbox/netbox/scripts/
-Optionally, if you have uploaded custom reports to NetBox, use the command below to archive your reports directory. Note -that the example below shows the default file path. Update the path if you have changed the location of these files.
-tar -czf netbox_scripts.tar.gz /opt/netbox/netbox/reports/
-Upload the files created in the steps above to a shareable location such as FTP, Dropbox, Box, or Google Drive. If necessary, the -NetBox Labs team can create a secure, dedicated location for you to use.
- - - - - - - - - - - - - - - -