Role Based Access

Each new account comes with a set of pre-defined roles. As an Account Admin, you can further configure Role Based Access Control, by defining custom roles within the tenant and assigning them to the tenant members. You can control the access policies for the roles that you create. Also, you can also map more than one role to a specific user. This provides complete flexibility and control in managing access control to your tenant members.

When a new tenant is created, few roles are added by default. Here’s the list of default role types in a tenant:

Role TypesAccess Policies
Account AdminComplete access to all functions including User & Roles Management
Ops AdminFull Access to all operations management functions
Ops TeamLimited access to all operations functions
ConsumerAccess to Self Service Portal to order & consume apps/resources
ApproverAccess to Self Service Portal to approve orders. Additionally, has access to Dashboards & Reports for specific tenant.
FinanceAccess to Finance Dashboard and Chargeback Reports

To navigate, user needs to click on and select ‘Roles’

Add

  • Click the button to add more
  • Enter the following details about the role
Role NameName of the role being created. Please note that the Role Name has to be unique within a tenant, and not globally.
Role TypeRole Types are the ones provided by default. As an admin, you can clone the access policies from these default ones for the current role being created.
Cloud Accounts & Integrated
Tools
Select the cloud account the new role will be associated with
Inventory ElementsSelect the Inventory elements available
Role DescriptionDescribes the role being added

Configuring Access Policies for Custom Roles

While creating the roles, you can configure the access for the different modules such as Templates, Blueprints, Environments, etc. The different action policies are:

  • Create
  • Update
  • Events
  • Read
  • Delete
  • Visualizer
  • Schedule

User have the privilege to provide full access or customize the access as shown in the clip below.

After completing the fields and selecting the access user can click on check mark available on top right hand page to save the custom role settings. Selecting the X mark cancels the entry.

Manage Roles

Upon creation, the role appears in the list as shown:

Here are the field descriptions:

Role NameName of the role being created. Please note that the Role Name has to be unique within a tenant, and not globally.
Role TypeRole Types are the ones provided by default.
StatusIndicates if the role is active or disabled
No. of UsersNumber of users currently assigned this role
ActionsUsers can delete custom created roles
Date CreatedDate the role was created

Search

Use the Search bar to find particular roles from the list. The search is not case sensitive.