Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

To define how a user can work with resources, each user has a role with a group of privileges that allow access to different cloud features. You can create roles for each group of users such as cloud administrators, resellers, tenant administrators, standard users, and so on.

In addition, to define the resources that a user can view, access, and administer, each user also has an administration scope. And the user's enterprise has a list of allowed datacenters and public cloud regions that users can work in.

You can match user roles to OpenID, AD, or LDAP groups and when the platform will automatically create users and assign them the matching roles.

For information about the Abiquo concepts of enterprises and users, see Users in the Abiquo Walkthrough. 



API Documentation

For the Abiquo API documentation of this feature, see Abiquo API Resources and the page for this resource RolesResource.


Privilege: Access Roles and Scope screens

To manage roles, go to Users → Roles. By default, you will see the Global roles that are available to all enterprises and the platform will display them with "(Global)" after the name. To display the enterprise roles that belong to a specific enterprise, select the enterprise.


Create or modify a role

Abiquo provides a set of default roles and you can clone and modify them to create new roles. See Default roles. See Privileges for a list of the privileges for each role.

Privilege: Access Roles and Scope screens, Manage roles, Manage global role

A user can only have one role, but a role can be associated with multiple OpenID, AD, or LDAP groups. To clone a role, click the clone button. By default the new role will have "Copy:" added to its name, for example, "Copy: CLOUD_ADMIN".

To create or modify a role:

  1. Go to Users → Roles
  2. Click the + Add button or Edit button and complete the following dialog.


Field

Description

Role name

The name of the role. Local roles in different enterprises can have the same names

Enterprise

The enterprise that a local role belongs to

Make this role global

To create a global role that can be used in all enterprises, mark the Make this role global checkbox.

Allowed CIDRsOptional: to create a default list of network addresses from which users with this role can access the platform, enter Allowed CIDRs. You can also set allowed CIDRs for a scope. The user will inherit the role and scope CIDRs. Any allowed CIDRs set directly for the user will have priority over these inherited allowed CIDRs.

External Roles

The corresponding external roles, e.g. LDAP group, for the user. Required in external authentication modes (openid, ldap). A user's external roles must map to a single role (local or global). See  LDAP and Active Directory Integration  and  Abiquo OpenID Connect Integration. You can also set external scopes.

  • Examples for LDAP:
    • ldap_group_01
    • ldap_group_02
  • Example for OpenID:
    • id=admins,ou=group,o=qa,ou=services,dc=openam,dc=forgerock,dc=org

After you create or clone a role, select the role name in the list and edit the privileges as required, then click Save.

Modify the privileges of a role

To modify the privileges of a user role:

Privilege: Manage privileges


  1. Go to Users → Roles
  2. For a local role, select the enterprise that the role belongs to
  3. Select the role from the Roles list
  4. In the Privileges pane, select or deselect the privileges 
    • To add or remove groups of privileges, click the All privileges checkbox beside the group name
    • You cannot undo but you can discard the changes
  5. Save the changes by clicking Save
    • (warning) The platform will discard your changes if you do an action outside of the Privileges pane, for example, clicking on a another role name


Troubleshooting and Tips

Roles

  • The default CLOUD_ADMIN role has all privileges and is locked
  • You can only access roles with the same privileges or fewer privileges than your own role
  • You cannot modify your own role.

Privileges

  • You can only select or deselect privileges that are in your own role
  • Privileges are generally independent.
    For example, for a user with a role without the "Access Infrastructure view" privilege, the Infrastructure icon does not display in the UI. However, if this user's role has the privileges to "Manage datacenters" and "View datacenter details", the user will be able to access these functions through the API

Privileges table

The following table describes all the privileges in the cloud platform.

Changes to privileges

See Changes to privileges

Home privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

List enterprises within scopeENTERPRISE_ENUMERATEThis privilege allows a user to view the list of enterprises within scope and to view statistics for those enterprises

X

    
Allow user to switch enterpriseENTERPRISE_ADMINISTER_ALLThis privilege allows a user to change to another enterprise, in order to administer it, by clicking the switch user button in the Enterprises list

X

    
Display enterprise statisticsENTERPRISE_RESOURCE_SUMMARY_ENTThis privilege allows a user to filter statistics by enterprise to display the resources used by an enterprise in the enterprise resources panel

X

X

 

X

 
Display enterprise limits in statisticsENTERPRISE_SHOW_STATS_LIMITSThis privilege allows a user to view enterprise limits in addition to resources used in the enterprise resources panel if the user has the Display enterprise statistics privilege

X

X

X

  
View billsBILLS_VIEWThis privilege allows a user to view bills and related widgets

X

    
Manage billsBILLS_MANAGEThis privilege allows a user to manage bills

X

    
Infrastructure privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access infrastructure view and private DCsPHYS_DC_ENUMERATEThis privilege allows a user to access the Infrastructure view and list the physical datacenters

X

    
Display resource usage panelPHYS_DC_RETRIEVE_RESOURCE_USAGEThis privilege allows a user to view the resource usage panel in the Infrastructure view

X

    
Manage datacenterPHYS_DC_MANAGEThis privilege allows a user to manage datacenters (add, edit and delete). Without it, the datacenter's properties will be read only

X

    
View datacenter detailsPHYS_DC_RETRIEVE_DETAILSThis privilege allows a user to go inside a datacenter and view its details (racks, physical machines, networks, storage and allocation rules)

X

    
Manage datacenter infrastructure elementsPHYS_DC_ALLOW_MODIFY_SERVERSThis privilege allows a user to manage infrastructure elements (add, edit and delete racks and physical machines)

X

    
Manage network elementsPHYS_DC_ALLOW_MODIFY_NETWORKThis privilege allows a user to manage network elements (add, edit and delete public networks)

X

    
Manage storage elementsPHYS_DC_ALLOW_MODIFY_STORAGEThis privilege allows a user to manage storage elements (add, edit and delete storage devices, pools, tiers and volumes)

X

    
Manage allocation rulesPHYS_DC_ALLOW_MODIFY_ALLOCATIONThis privilege allows a user to manage allocation rules (add and delete rules)

X

    
Manage datacenter backup configurationPHYS_DC_ALLOW_BACKUP_CONFIGThis privilege allows a user to manage backup configuration at datacenter level

X

    
Manage devicesMANAGE_DEVICESThis privilege allows a user to setup networking devices (Neutron)

X

    
Manage public cloud regionsPCR_MANAGEThis privilege allows a user to manage public cloud regions (add, edit and delete). Without it, the public cloud region's properties will be read only

X

    
Access infrastructure view and PCRsPCR_ENUMERATEThis privilege allows a user to access the Infrastructure view and list the public cloud regions

X

    
View public cloud region detailsPCR_RETRIEVE_DETAILSThis privilege allows a user to go inside a public cloud region and view its details (virtual machines and hardware profiles)

X

    
Manage hardware profile types and familyMANAGE_HARDWARE_PROFILE_TYPE_AND_FAMILYThis privilege allows the user to manage hardware profile types and family (add, edit and delete)

X

    
View and manage protection managersMANAGE_DRAAS_CONFIGThis privilege allows the user to manage protection managers for disaster recovery (create, edit, and delete)

X

    
Virtual datacenters privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access virtual datacenters viewVDC_ENUMERATEThis privilege allows a user to access the Virtual Datacenters view

X

X

X

X

 
Manage virtual datacentersVDC_MANAGEThis privilege allows a user to manage virtual datacenters (add, edit and delete). Without it, the virtual datacenter details are read only

X

X

   
Manage virtual appliancesVDC_MANAGE_VAPPThis privilege allows a user to manage virtual appliances (add, edit and delete)

X

X

X

  
Manage virtual network elementsVDC_MANAGE_NETWORKThis privilege allows a user to manage private and public networks (add, edit and delete)

X

X

   
Manage virtual storage elementsVDC_MANAGE_STORAGEThis privilege allows a user to manage storage volumes (add, edit and delete)

X

X

   
Manage floating IPsMANAGE_FLOATINGIPSThis privilege allows a user to manage floating IPs (add and delete)

X

X

   
Manage firewallsMANAGE_FIREWALLSThis privilege allows a user to manage firewalls (add, edit and delete) for virtual datacenters

X

X

   
Manage load balancersMANAGE_LOADBALANCERSThis privilege allows a user to manage load balancers (add, edit and delete) for virtual datacenters

X

X

   
Manage virtual storage controllerVDC_MANAGE_STORAGE_CONTROLLERThis privilege allows a user to manage the controller of storage volumes

X

X

X

  
Manage public IPsMANAGE_PUBLICIPSThis privilege allows a user to manage public IPs for private virtual datacenters

X

X

X

  
Modify allocation when attaching a diskVDC_MANAGE_STORAGE_DISK_ALLOCATIONThis privilege allows a user to modify the allocation of disks before they are deployed to the hypervisor and specify allocation when attaching a new disk and it is not possible once the VM is deployed (disk already created/copied)

X

    
Manage NAT IPsMANAGE_NATIPSThis privilege allows a user to manage NAT IPs for private virtual datacenters

X

X

X

  
Manage VPNsMANAGE_VPNThis privilege allows a user to manage VPNs

X

X

   
Manage classic firewallsMANAGE_CLASSIC_FIREWALLSThis privilege allows a user to manage classic firewalls (edit and delete) for devices

X

    
Manage private IP reservationsMANAGE_PRIVATEIP_RESERVATIONThis privilege allows a user to manage private IP reservations

X

    
Manage default virtual datacenter firewallMANAGE_DEFAULT_FIREWALLThis privilege allows a user to define a default virtual datacenter firewall

X

    
Manage enterprise datacenter default rolesVDC_MANAGE_DEFAULT_ROLEThis privilege allows a user to manage enterprise datacenter default roles (creation/edition)

X

    
Access public network tabVDC_VIEW_PUBLIC_NETWORKThis privilege gives the user access to public network resources in virtual infrastructure

X

X

X

X

 
Manage public network elementsVDC_MANAGE_PUBLIC_NETWORKThis privilege allows a user to manage public network resources in virtual infrastructure

X

X

X

X

 
Access external network tabVDC_VIEW_EXTERNAL_NETWORKThis privilege gives the user access to external network resources in virtual infrastructure

X

X

X

X

 
Manage external network elementsVDC_MANAGE_EXTERNAL_NETWORKThis privilege allows a user to manage external network resources in virtual infrastructure

X

X

X

X

 
Manage availability setsMANAGE_AVAILABILITY_SETThis privilege allows a user to manage availability sets (add and delete) for virtual datacenters

X

X

   
Assign availability set to VMASSIGN_AVAILABILITY_SETThis privilege allows a user to assign availability sets to virtual machine (create and edit VM)

X

X

   
Manage the bandwidth limit for NATMANAGE_BANDWIDTHLIMIT_NATThis privilege allows a user to manage the bandwidth limit for NAT

X

    
Manage the bandwidth limit for public IPsMANAGE_BANDWIDTHLIMIT_PUBLICThis privilege allows a user to manage the bandwidth limit for public IPs

X

    
Manage resource groupsMANAGE_RESOURCE_GROUPThis privilege allows a user to create resource groups

X

X

X

  
Delete resource groupsDELETE_RESOURCE_GROUPThis privilege allows a user to delete resource groups

X

X

X

  
Manage global networksMANAGE_GLOBAL_NETWORKThis privilege allows a user to manage global networks

X

X

X

  
Update private MAC IPUPDATE_MAC_IPThis privilege allows a user to update private MAC IP

X

    
Virtual appliances privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Edit virtual appliance detailsVAPP_CUSTOMISE_SETTINGSThis privilege allows a user to edit virtual appliance details (name, CPUs, etc.), go inside virtual appliances and view their details

X

X

X

  
Deploy and undeploy virtual appliancesVAPP_DEPLOY_UNDEPLOYThis privilege allows a user to deploy/undeploy virtual appliances

X

X

X

  
Perform virtual machine actionsVAPP_PERFORM_ACTIONSThis privilege allows a user to perform virtual machine actions (power on/off, pause, reboot, remote access)

X

X

X

  
Manage persistent templatesVAPP_CREATE_STATEFULThis privilege allows a user to manage persistent virtual machine templates (create in VApp; create, edit and delete in virtual datacenter)

X

X

X

  
Create instanceVAPP_CREATE_INSTANCEThis privilege allows a user to create instance templates of a virtual machine within a virtual appliance

X

X

X

  
Manage virtual machine hard disksMANAGE_HARD_DISKSThis privilege allows a user to access the virtual machine hard disk tab and manage hard disks (add and delete)

X

X

   
Manage layersVAPP_MANAGE_LAYERSThis privilege allows a user to manage anti-affinity layers in virtual appliances (create, edit and delete layers)

X

X

X

  
Manage virtual machine backup configurationVAPP_MANAGE_BACKUPThis privilege allows a user to access the backup configuration at virtual machine level and set the backup type and contents

X

    
Manage virtual machine backup scheduleVAPP_DEFINE_BACKUP_INFOThis privilege allows a user to specify an additional option for backup configuration by setting backup dates and times

X

    
Manage workflow tasksWORKFLOW_OVERRIDEThis privilege allows a user to start or cancel queued tasks if workflow is enabled

X

X

   
Delete unknown virtual machinesVAPP_DELETE_UNKNOWN_VMThis privilege allows a user to delete virtual machines in unknown state

X

    
Assign firewalls to virtual machinesASSIGN_FIREWALLSThis privilege allows a user to assign already created firewalls to virtual machines

X

X

   
Access persistent templates viewVAPP_STATEFUL_VIEWThis privilege allows a user to access the persistent virtual machine templates view

X

X

X

  
Manage virtual machine backup disksVAPP_MANAGE_BACKUP_DISKSThis privilege allows a user to specify disks and disk backup types (snapshot and complete)

X

X

   
Assign load balancersASSIGN_LOADBALANCERSThis privilege allows a user to assign load balancers

X

X

   
Manage virtual machine metricsUSERS_ENABLE_DISABLE_VM_METRICSThis privilege allows a user to activate monitoring of virtual machines

X

X

X

  
Access metricsUSERS_SHOW_METRICSThis privilege allows a user to manage monitoring

X

X

X

X

 
Restore virtual machine backupsVAPP_RESTORE_BACKUPThis privilege allows a user to restore virtual machine backups

X

X

   
Protect/unprotect virtual machinesVM_PROTECT_ACTIONThis privilege allows a user to protect/unprotect a virtual machine

X

    
Consume virtual appliance specsCONSUME_VAPP_SPECThis privilege allows a user to consume virtual appliance specs

X

    
Override virtual machine constraintsVM_EXCEED_CPU_RAMThis privilege allows a user to modify virtual machine CPU and RAM to values outside the maximum and minimum values defined in the virtual machine template

X

    
Edit virtual machine detailsVM_EDIT_CPU_RAMThis privilege allows a user to edit virtual machine details (CPU and RAM)

X

X

X

  
Retrieve default template credentialsVM_CHECK_USER_PASSWORDThis privilege allows a user to retrieve the default user and password of a template

X

    
Relocate a VM to a compatible hostVM_RELOCATEThis privilege allows a user to relocate a VM to a compatible host

X

    
Manage workflow for scaling groupsSCALING_GROUP_MANAGE_WORKFLOWThis privilege allows a user to enable or disable workflow for scaling groups.

X

    
Attach NICs in restricted networks to VMsVM_ATTACH_NICThis privilege allows a user to attach NICs in restricted networks

X

    
Detach NICs in restricted networks from VMsVM_DETACH_NICThis privilege allows a user to detach NICs in restricted networks

X

    
Manage scaling groupsMANAGE_SCALING_GROUPSThis privilege allows a user to manage scaling groups (add, edit and delete)

X

    
Manage virtual machine ISO disksMANAGE_ISOThis privilege allows a user to manage ISO disks in virtual machines (add, edit and delete)

X

    
Manage restricted VApps and VMsVAPP_RESTRICTED_MANAGEThis privilege allows a user to manage restricted VApps and VMs

X

    
View restricted VApps and VMsVAPP_RESTRICTED_VIEWThis privilege allows a user to view restricted VApps and VMs

X

    
Restrict VMVM_RESTRICTThis privilege allows a user to restrict VMs

X

    
Move VMsMANAGE_MOVE_VMThis privilege allows a user to move VMs between VDCs

X

    
Retrieve virtual machine initial passwordVM_RETRIEVE_INITIAL_PASSWORDThis privilege allows a user to retrieve the initial password of a virtual machine

X

    
Assign public IPs to VMsVM_ASSIGN_PUBLIC_IPThis privilege allows a user to assign public IPs to VMs

X

X

X

X

 
Assign external IPs to VMsVM_ASSIGN_EXTERNAL_IPThis privilege allows a user to assign external IPs to VMs

X

X

X

X

 
Reset VM guest passwordVM_RESET_GUEST_PASSWORDThis privilege allows a user to reset the initial password of a virtual machine

X

    
Manage VM disaster recovery protectionVM_MANAGE_DRAASThis privilege allows a user to enable or disable disaster recovery protection for VMs

X

X

   
Apps library privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Apps library viewAPPLIB_VIEWThis privilege allows a user to access the Appliance library view

X

X

   
Manage VM templates from Apps libraryAPPLIB_ALLOW_MODIFYThis privilege allows a user to view the Appliance library contents, modify virtual machine templates (download from remote repositories, edit and delete) and promote instances

X

X

   
Upload virtual machine templateAPPLIB_UPLOAD_IMAGEThis privilege allows a user to upload virtual machine templates from a local file into the Apps library

X

X

   
Manage repositoryAPPLIB_MANAGE_REPOSITORYThis privilege allows a user to manage repositories (add and delete repositories)

X

X

   
Download virtual machine templateAPPLIB_DOWNLOAD_IMAGEThis privilege allows a user to download virtual machine templates from the Appliance library to their hard disk

X

X

   
Manage VM template categoriesAPPLIB_MANAGE_CATEGORIESThis privilege allows a user to manage categories of virtual machine templates that belong to their enterprise (add and delete)

X

X

   
Manage VM template global categoriesAPPLIB_MANAGE_GLOBAL_CATEGORIESThis privilege allows a user to manage categories of virtual machine templates that are common and available to all enterprises (add and delete)

X

    
Display datacenter capacity and free spaceAPPLIB_SHOW_DC_CAPACITYThis privilege allows a user to view the capacity and remaining space of a datacenter

X

    
Export a virtual machine template to datacenterAPPLIB_EXPORT_TO_PRIVATEThis privilege allows a user to export a virtual machine template to another private datacenter.

X

    
Export a virtual machine template to public cloud regionAPPLIB_EXPORT_TO_PUBLICThis privilege allows a user to export a virtual machine template to another public cloud region.

X

    
Manage virtual appliance specsMANAGE_VAPP_SPECThis privilege allows a user to manage virtual appliance specs (add and edit)

X

    
Download VM templates from remote repositoryAPPLIB_DOWNLOAD_FROM_REMOTE_REPOSITORYThis privilege allows a user to download virtual machine templates from remote repositories

X

X

   
Specify allocation of template disksAPPLIB_DISK_ALLOCATIONThis privilege allows a user to specify the allocation of template disks

X

    
Accept virtual machine template terms of useAPPLIB_ACCEPT_IMAGE_TERMSThis privilege allows a user to accept virtual machine template terms of use

X

X

   
Users privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Users viewUSERS_VIEWThis privilege allows a user to access the Users view

X

X

   
Manage enterprisesUSERS_MANAGE_ENTERPRISEThis privilege allows a user to manage enterprises (add, edit and delete)

X

    
Manage usersUSERS_MANAGE_USERSThis privilege allows a user to manage users (add, edit and delete)

X

X

   
Manage users of all enterprisesUSERS_MANAGE_OTHER_ENTERPRISESThis privilege allows a user to manage users of more than one enterprise and move users between enterprises. Without it, the Enterprise list is not shown in Users view

X

    
No VDC restrictionUSERS_PROHIBIT_VDC_RESTRICTIONNormally a user within an enterprise can have a list of VDCs assigned and these will be the only VDCs that they will be able to see. Setting this privilege exempts a user from having their VDC list restricted and they will be able to see all VDCs in their enterprise

X

X

   
Access Roles and Scope screensUSERS_VIEW_PRIVILEGESThis privilege allows a user to access the Roles and Scopes screen

X

    
Manage rolesUSERS_MANAGE_ROLESThis privilege allows a user to manage roles (add, edit and delete roles; modify privileges assigned to roles; assign scopes to roles)

X

    
Associate role with enterpriseUSERS_MANAGE_ROLES_OTHER_ENTERPRISESThis privilege allows a user to associate a role with any enterprise

X

    
Manage global roleUSERS_MANAGE_SYSTEM_ROLESThis privilege allows a user to manage roles that are common and available to all enterprises, rather than being constrained to a single enterprise

X

    
Display connected usersUSERS_ENUMERATE_CONNECTEDThis privilege allows a user to display connected users

X

    
Define enterprise managerUSERS_DEFINE_AS_MANAGERThis privilege defines a user as an enterprise manager. Enterprise managers receive physical machine notification emails

X

X

   
Manage Chef enterprisesUSERS_MANAGE_CHEF_ENTERPRISEThis privilege allows a user to enable and manage Chef for enterprises

X

    
Manage scopesUSERS_MANAGE_SCOPESThis privilege allows a user to manage scopes (add, edit and delete scopes)

X

    
Manage enterprise reserved serversUSERS_MANAGE_RESERVED_MACHINESThis privilege allows a user to manage reserved servers at enterprise level

X

    
Modify enterprise themeUSERS_MANAGE_ENTERPRISE_BRANDINGThis privilege allows a user to manage enterprise branding (select a specific theme for an enterprise)

X

    
Allow user to push own metricsUSERS_PUSH_METRICSThis privilege allows a user to push their own metrics

X

X

X

  
Manage provider credentialsUSERS_MANAGE_CREDENTIALSThis privilege allows a user to manage provider credentials (add and delete)

X

    
Manage user applicationsUSERS_MANAGE_APPLICATIONSThis privilege allows a user to manage applications (add and delete)

X

    
Manage reseller enterprisesENTERPRISE_MANAGE_RESELLERThis privilege allows a user to manage resellers

X

    
Manage key node enterprisesENTERPRISE_MANAGE_KEY_NODEThis privilege allows a user to manage aggregation nodes

X

    
Manage enterprise propertiesENTERPRISE_MANAGE_PROPERTIESThis privilege allows a user to manage enterprise properties

X

    
Manage user allowed CIDRsMANAGE_USER_CIDR_ACCESSThis privilege allows a user to manage allowed CIDRs for users

X

    
Manage virtual datacenter rolesUSERS_MANAGE_VDC_ROLESThis privilege allows a user to manage virtual datacenter roles (select default role, define user exceptions)

X

    
Access budgets sectionBUDGET_VIEWThis privilege allows a user to access the budgets section

X

    
Manage budgetsBUDGET_MANAGEThis privilege allows a user to manage budgets (create, edit and delete)

X

    
Manage role and scope allowed CIDRsMANAGE_ROLE_AND_SCOPE_CIDR_ACCESSThis privilege allows a user to manage allowed CIDRs for roles and scopes

X

    
Manage mail server for resellerENTERPRISE_MANAGE_SERVER_MAILThis privilege allows a user to manage server mail for resellers

X

    
Manage user creation in providerENTERPRISE_CREATE_USER_IN_PROVIDERThis privilege allows a user to manage user creation in a provider (in credentials list)

X

X

   
Access user metadata (dashboards)USERS_VIEW_USERS_METADATAThis privilege allows a user to access users metadata (dashboards)

X

    
Manage user metadata (dashboards)USERS_MANAGE_USERS_METADATAThis privilege allows a user to manage users metadata (dashboards)

X

    
Access enterprise metadata (dashboards)USERS_VIEW_ENTERPRISE_METADATAThis privilege allows a user to access enterprise metadata (dashboards)

X

    
Manage enterprise metadata (dashboards)USERS_MANAGE_ENTERPRISE_METADATAThis privilege allows a user to manage enterprise metadata (dashboards)

X

    
System configuration privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Configuration viewSYSCONFIG_VIEWThis privilege allows a user to access the Configuration view

X

    
Modify configuration dataSYSCONFIG_ALLOW_MODIFYThis privilege allows a user to edit all system-wide configuration settings

X

    
Allow access to reportsSYSCONFIG_SHOW_REPORTSThis privilege allows a user to access external reports by clicking the Reports button. The button will only be visible if the 'Reports URL' system property is not empty (Configuration -> System Properties -> General -> Reports URL)

X

    
Manage default dashboardsSYSCONFIG_MANAGE_DEFAULT_DASHBOARDSThis privilege allows a user to manage default dashboards

X

    
Pricing privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Add a cost code when editing a VM templateAPPLIB_VM_COST_CODEThis privilege allows a user to select a cost code when editing a virtual machine template

X

    
Access Pricing viewPRICING_VIEWThis privilege allows a user to access the Pricing view

X

    
Manage pricingPRICING_MANAGEThis privilege allows a user to manage pricing components (add, edit and delete currencies, pricing models and cost codes)

X

    
Manage pricing credentialsMANAGE_PRICING_CREDENTIALSThis privilege allows a user to manage pricing credentials

X

X

   
Generate billingRUN_BILLINGThis privilege allows a user to generate billings

X

X

   
Events privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Display all events for current enterpriseEVENTLOG_VIEW_ENTERPRISEThis privilege allows a user to display all events related to the current enterprise

X

X

X

X

 
Display all eventsEVENTLOG_VIEW_ALLThis privilege allows a user to display all events

X

    
Control privileges
       

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access alarms sectionUSERS_VIEW_ALARMSThis privilege allows a user to access the alarms sections

X

    
Manage alarmsUSERS_MANAGE_ALARMSThis privilege allows a user to manage alarms (create, edit and delete)

X

    
Access alerts sectionUSERS_VIEW_ALERTSThis privilege allows a user to access the alerts sections

X

    
Manage alertsUSERS_MANAGE_ALERTSThis privilege allows a user to manage alerts (create, edit and delete)

X

    
Access action plans, schedule and alert trigger tabsACTION_PLAN_VIEWThis privilege allows a user to access the Action plans, the Schedule and Alert trigger tabs

X

    
Manage action plans and task schedulesACTION_PLAN_MANAGEThis privilege allows a user to manage action plans, schedule and alert triggers

X

    
View enterprise hierarchyENTERPRISE_VIEW_HIERARCHYThis privilege allows the user to display the enterprises in a hierarchy

X

    
Access resource tags tabs and resource tags management viewTAGS_VIEWThis privilege allows the user to display the Tags tab of resources and the Tags management view

X

    
Manage tags for compatible resourcesTAGS_MANAGEThis privilege allows the user to manage tags for compatible resources (add, edit, synchronize and delete)

X

    


Key to Info Column of Privileges Table

(star) = new privilege
(warning) = changed privilege
(minus) = deprecated privilege

Related pages

 

  • No labels

Copyright © 2006-2022, Abiquo Holdings SL. All rights reserved