Manage Role based Access

Each new account comes with a set of pre-defined roles. The account  you signed up with is the “Account Admin” by default and has full access to all functions & related actions. The other pre-defined roles have access to specific functions and specific actions within them, based on the nature of the role.

As an Account Admin, you can further configure Role Based Access Control, by defining custom roles within the tenant and assigning them to the tenant members. You can control the access policies for the roles that you create. Also, you can also map more than one role to a specific user. This provides complete flexibility and control in managing access control to your tenant members.

Default Roles

When a new tenant is created, few roles are added by default. Here’s the list of default role types in a tenant:

Role Types Access Policies
Account Admin Complete access to all functions including User & Roles Management
Ops Admin Full Access to all operations management functions
Ops Team Limited access to all operations functions
Consumer Access to Self Service Portal to order & consume apps/resources
Approver Access to Self Service Portal to approve orders. Additionally, has access to Dashboards & Reports for specific tenant.
Finance Access to Finance Dashboard and Chargeback Reports

Manage Roles and Access Policies

  • Navigate to IT Admin > Roles to add and manage roles.

Add

  • Click the plus button to add more
  • Enter the following details about the role
Role Name Name of the role being created. Please note that the Role Name has to be unique within a tenant, and not globally.
Role Type Role Types are the ones provided by default.  As an admin, you can clone the access policies from these default ones for the current role being created.
Description Describes the role being added

 

Configuring Access Policies for Custom Roles

Now that the custom type role is created, you can configure the access for the different modules such as Orchestration, Log Management, Monitoring, and Continuous Integration, etc. The different action policies are:

  • Create
  • Update
  • Events
  • Read
  • Delete
  • Visualizer
  • Schedule

 

Manage Roles

Upon creation, the role appears in the list as shown:

Manage Role Based Access - Role details

Here are the field descriptions:

Role Name Name of the role being created. Please note that the Role Name has to be unique within a tenant, and not globally.
Role Type Role Types are the ones provided by default.
Description Describe the role being added
Default/Custom Default role types can not be edited. They are read-only. Only Custom role types can be edited.
Status Indicates if the role is active or disabled
Users Number of users currently assigned this role
Actions The different actions available for this role
  • Click the button in Action column to edit the roles
  • Click Save

Search

Use the Search bar to find particular roles from the list. The search is not case sensitive.

Manage Role Based Access - Search