This feature is exclusively available to participants in the Early Access Program (EAP). For details about the EAP, visit the Infoblox Early Access Program page. Infoblox consistently updates our documentation as we introduce new features to the EAP.
BloxOne allows the creation of specific DDI (DNS, DHCP, IPAM) resources within compartments. Users who belong to a compartment can create DDI objects only when the parent objects already exist in the respective compartment.
For instance, if the root admin or user already created a parent CIDR in a compartment, users who belong to the compartment can select a CIDR in the parent CIDR within the associated compartment. When using the next available IP address or subnet, the system will select the next available IP address or subnet within the parent CIDR inside the associated compartment. Similarly, only root admin or user can create parent address blocks. Other users can create an address block only if the parent address block is already in the respective compartment.
In addition, resources created or linked to a particular compartment are also accessible at the root compartment level. Consequently, only corporate admins have access to all resources in all subcompartments.
BloxOne supports the following DDI objects to be assigned to compartments:
IP spaces
Address blocks
The following DDI objects inherit the assigned compartments from their parent objects. Users are not allowed to create these objects within a compartment.
Address ranges
Subnets
Fixed addresses
Individual IP reservations/fixed addresses
Only users with the applicable permissions can access and manage child DDI objects within the context of the designated compartment. For information about user roles, groups, and access policies, see Managing Role-Based Access Control.
Only IPAM objects are currently supported. Additional DNS and DHCP objects will be added in future releases.