Inventory and Identity | Modernizing RHEL Management 09
We are on the next-to-last episode, and this week John pulled back the curtain on two things we had been using all series without really examining: the inventory and identity. The inventory in the hybrid cloud console holds more than just Insights systems, and role-based access control is what determines whether your users can actually see and act on any of it.
A few things worth carrying away from this one:
- The inventory is bigger than Insights. Filtering by data collector, I could see systems connected only through subscription manager alongside Insights systems. If something shows up that should not, the data collector at the bottom of the system view tells you what reported it.
- Systems age out on a clock. Fresh, stale, stale warning, then gone at fourteen days without a check-in. That automatic purge keeps the inventory honest about what is actually still running.
- RBAC is additive, and access requests should be specific. John demonstrated stripping a user down and then building a group to grant just a vulnerability viewer role. His advice stuck with me: look up the exact role name in the docs and request that, because “give me malware access” is hard for an admin to action.
The extra-credit bit was TAM access requests. As a former sysadmin, I wish I had known Red Hat cannot see your Insights data unless you explicitly grant a time-boxed request. That is a genuinely useful feature.

