| Table of Contents |
|---|
...
Go to Users → Scopes
Click the + add button
Enter the details as described in the following table
...
...
| title | Click here to display details of create scope |
|---|
Field | Description |
|---|---|
Name | The name of the scope |
Parent scope | To optionally add the scope to a hierarchy, select a Parent scope. We recommend that under a hierarchy with limited scopes you should not select unlimited scopes (Use all enterprises and/or Use all datacenters) |
Allowed CIDRs | To optionally create a default list of network addresses from which users with this scope can access the platform, enter Allowed CIDRs. You can also set allowed CIDRs for a role. The user will inherit the role and scope CIDRs. Any allowed CIDRs set directly for the user will have priority over these inherited allowed CIDRs. |
External scopes | Optional: Specify attributes of an external system to define the user groups that this scope should apply to. An example of external scopes could be an LDAP group for the user. Used in external authentication modes (e.g. openid, ldap). A user's external scopes must map to a single scope (local or global). See LDAP and Active Directory Integration and Abiquo OpenID Connect Integration |
Scope entities
Field | Description |
|---|---|
Enterprises | Enterprises to use in the scope. To automatically include all existing and future enterprises, select the options to Use all enterprises. If this is a user's administration scope, then the user can manage resources in the list of enterprises selected. If this is a resource scope, then users can access the resources if they belong to the enterprises that are part of the scope |
Datacenters | Select Datacenters to include in the scope. For scopes, datacenters can be private cloud datacenters and/or public cloud regions. To automatically include all existing and future datacenters, select the options to Use all datacenters. If this is a user's administration scope, then the user can manage resources in the list of datacenters selected. Resource scopes do not use the datacenters list |
After you create a scope, you can assign it to a user, an enterprise, or a resource.
...
Create the tenant enterprise.
On the General tab, for the Default scope, select Global scope
Create a scope for the tenant
On the General info tab, select a parent scope, for example, the Global scope or a reseller scope
Go to the Entities tab. In the Enterprises list, select the tenant enterprise
In the Datacenters list, select the appropriate locations (datacenters and public cloud regions) where the users will work
Edit the tenant enterprise and on the General tab for the Default scope select the tenant's scope
When an administrator creates users in the tenant, the platform will automatically suggest the tenant's enterprise scope for these users.
...
Create a scope for the administrator
On the General info tab, optionally select a parent scope, for example, the Global scope or a reseller scope
Go to the Entities tab. In the Enterprises list, select the enterprises to administer
In the Datacenters list, select the appropriate locations (datacenters and public cloud regions) to administer
...
You can share resources with your own scope and child scopes of your scope
Each tenant can belong to more than one scope
Each scope can have one parent scope only
The platform will only consider the enterprises in the resource scopes, not the locations
...
Assign scopes to create a reseller hierarchy
You can use a reseller hierarchy for billing, pricing, and to manage and aggregate your cloud costs and usage. To create a reseller hierarchy, assign scopes to reseller, key node, and reseller customer tenants.
...