Versions Compared

Version Old Version 52 New Version 53
Changes made by

MS (Unlicensed)

MS (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Div
classabifooter

Manage scopes page


Excerpt


Note
titleChanges to scopes from Abiquo 4.0
  • Now administrators assign scopes to Abiquo users. In previous versions, administrators assigned scopes to Abiquo roles and the global scope was the default
    • During the upgrade process to version 4.0, Abiquo assigns role scopes to users
  • All enterprises must now have a default scope for creating users
  • Administrators can now create optional hierarchies of scopes and share resources, such as templates and specs, with tenants at lower levels of their hierarchies


Scope concepts

Concept_______DescriptionNotes
Scope
  • A list of resources (enterprises and/or datacenters) for access control

User scope
  • The list of resources (datacenters and enterprises) that the user can view and manage.
  • The user must also have the other required permissions (privileges and allowed datacenters)

A user can deploy in allowed datacenters, even if they are not in their scope. An Administrator can manage users of the enterprises that are in their scope

Resource scope
  • The list of enterprises whose users can access the resource, if they have the other required permissions
  • Administrators select a set of scopes to share a resource with users of the enterprises listed in the scopes

Used to share VM templates and VApp specs. An administrator can select their own scope, and scopes underneath their scope in the scope hierarchy

Scope hierarchy
  • A parent scope and one or more child scopes
  • Used for sharing resources to tenants that are underneath the administrator's scope

Administrators can share VM templates and VApp specs with users in scopes beneath their own scope. But they cannot manage the enterprises that are not directly in their user scope

Global scope
  • The default scope for the cloud administrator that always includes all resources and cannot be modified

Unlimited scopes
  • The global scope
  • Use all enterprises checkbox selected - ALL current and future enterprises
  • Use all datacenters checkbox selected - ALL current and future datacenters

An unlimited scope cannot have a parent scope. It must be at the top of a scope hierarchy. An unlimited scope has new resources added automatically in its unlimited dimensions. Only a user with an unlimited scope can create an unlimited scope in the same dimensions as their scope.


The following screenshot shows a scope with enterprises and a child scope


The Global scope is the default scope for the cloud administrator that contains all elements and it cannot be modified. 

The following scopes are called unlimited scopes:

  • The global scope
  • Any scope with the Use all enterprises checkbox selected, which will include ALL current and future enterprises
  • Any scope with the Use all datacenters checkbox selected, which will include ALL current and future datacenters

An unlimited scope is always at the top of the scope hierarchy, which means it cannot have a parent scope. An unlimited scope has new resources added automatically, so you will not need to modify it to include new elements. Only a user with an unlimited scope can create an unlimited scope in the same dimensions as their scope.

Scope use cases

A global managed service provider could create a scope for country or region. For example, in Spain, with datacenters in Madrid, Barcelona, Valencia and Seville.

...