Versions Compared

Old Version 5

changes.mady.by.user MS

Saved on

compared with

New Version 6

changes.mady.by.user MS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Div
classtocc
Table of Contents

Introduction to resource scopes

A resource scope is a scope that is assigned to a resource, such as a VM template or a VApp spec, and it controls resource sharing. A VM template or VApp spec can Resources can usually have multiple scopes and these resource scopes that work in conjunction with other access controls. For example, for administrators these are user role privileges, enterprise allowed datacenters, and user datacenter scope, and in addition, for specs, access to the spec owner enterprise.

The administrator assigns the scopes to the resource itself and Abiquo gets the list of enterprises in the scopes and allows the users of those enterprises to access the resource. If the scopes are part of a hierarchy, then an administrator can share resources by selecting child scopes that are beneath their scope in the hierachyhierarchy.

For example, for virtual machine templates, the template scopes define the template scopes define a list of tenants whose users can access a shared template, as well as the administrators who can manage it.  (The scopes applied to users are called user scopes, for more information about user scopes, see the Manage Scopes page)

Pricing scope for pricing models

Abiquo controls access to pricing models with a simple resource scope, according to these rules:

  • When a user creates a pricing model, Abiquo automatically assigns the user's scope for tenants (which is a list of enterprises the user can manage). You cannot change this scope or display it in the UI.
  • Abiquo only allows users with the same tenant scope (who can administer exactly the same enterprises) to manage the user's pricing models
  • All users with pricing privileges can view the pricing model assigned to their own tenant

...

Scopes for VM templates and VApp specs

The administrator can use scopes to share VM templates and VApp specs.

Excerpt
Info
titleChanges to scopes in 4.0

The administrator can manage shared templates and specs with scopes if they have the Allow user to switch enterprises privilege and administrator access to the resource in the enterprise that owns it. The administrator can share a template or spec with their own scope, other available scopes, or a child scope in their hierarchy.

...

.

Include PageTEXT Virtual machine template scopesTEXT Virtual machine template scopesThe cloud administrator can edit a template and add one or more available scopes to a template, including the global scope.The global scope means that users from all current and future enterprises can access this template.

Spec scopes for virtual appliance specs

Administrators can use scopes for precise control over access to VApp specs. In order to work with specs, administrators will require the appropriate Virtual appliance specs and Apps library privileges and full access to the datacenter (Datacenter scope and Allowed datacenter) and they must be logged in to the spec owner enterprise.

Include PageTEXT Virtual appliance spec scopesTEXT Virtual appliance spec scopesThe cloud When creating or editing a spec, the administrator can add one or more scopes to a spec, including the global scope. 
available scopes. 

Resource scope example

This example applies to template and spec scopes.

...