The group.cfg defines the security groups that are present in the Fabric. A security group can reference one or more users that are defined in the user.cfg. The predefined fabric-admin group is consulted for determining if a user has access to carry out administrative functionality. The other groups can be referenced by a Fabric application to control security access at the application, process flow, component or method level (see Application Security for more details.)

To edit the group.cfg, get the most current version from the fabric by using fabric_ctl.

$ fabric_ctl -d239.255.0.1:30000 -ufabric-admin/fabric-admin get group.cfg

The fabric-admin group is a group name reserved by the fabric to describe what users have access to Fabric administrative activities. By default, the fabric-admin group contains a user named fabric-admin. You can replace this default user, or add other usernames to this group.

version=1.0
fabric-admin=fabric-admin

Use your text editor of choice to add users to the existing groups, or add new groups. Make sure to increment the version number before deploying the new group.cfg back in into the fabric.

version=1.2
fabric-admin=fabric-admin,fred
my-app=inara,kaylee,river,zoe
other-app=mal,wash,jayne,simon

Note: any users listed in the group.cfg should have corresponding entries in the user.cfg.

Once the configuration file is updated, deploy it back to the fabric.

$ fabric_ctl -d239.255.0.1:30000 -ufabric-admin/fabric-admin deploy group.cfg