Role Based Access Control (RBAC)

 

Overview

Cloud Control Center's Role-Based Access Control (RBAC) feature empowers administrators to define custom roles with specific privileges and assign these roles to users, either created locally, integrated through Single Sign-On (SSO), or API Users. This level of customization ensures that after authentication, user interactions with the Cloud Control Center are strictly governed by the privileges of their assigned role.

 

Default Roles

By default, Cloud Control Center provides two predefined roles:

 

1. Tenant User: Users with this role can view all components of the user interface (UI), such as Devices, Policies, Virtual Edges, Analytics and more. However, they are not permitted to make any modifications.

2. Tenant Admin: Users with this role have comprehensive access, allowing them to view and modify any component of the UI.

Components of RBAC

 

Role Name

  • Definition: Customizable name for the role.

 

Privileges

  • Scope: Pertains to each component of the UI.
  • Privilege: Can be set to 'Enabled' or 'Disabled', governing the visibility and interaction level a user has with each UI component.

Creating a New Role

 

Steps:

1. Initiation: Click on "Create New Role".

2. Naming: Provide a name for the role. Optionally, select "Enable All Privileges" for full access, then deselect specific privileges as needed.

3. Privilege Selection:

  •  Component-wise Customization: For each UI component:
    •  Visibility Toggle: Use the toggle button to show or hide the component in the UI menu.

    •  Privilege Granularity: If shown, enable or disable specific privileges for that component.

After configuring the privileges for all UI components, click "Save Changes" to finalize the new role.

 

Cloning Roles

 

Steps:

1. Selection: Hover over an existing role and click "Clone Role".



2. Naming: Provide a name for the new role.



3. Completion: Click "OK" to create a role with identical privileges to the original, ready for further customization.

 

Assigning Roles to Users

 

Assigning roles to users is a straightforward process in the Cloud Control Center:

 

1. Navigate: Go to the User Management section.



2. Selection: Choose the user you wish to assign a role to and click 'Edit'.



3. Role Assignment: In the user's settings, select the desired role from the available options.



For API users, refer to the Cloud Control Center API documentation for detailed instructions on leveraging RBAC. For SSO users, consult the SSO documentation section in the knowledge base to understand how to automatically assign roles based on your specific SSO integration.

 

Cloud Control Center's RBAC is designed to provide a flexible and secure mechanism to tailor user access and privileges, ensuring users interact with the platform in a controlled and predefined manner. Whether defining new roles from scratch, cloning existing ones, or assigning roles to users, administrators are equipped with intuitive tools to streamline the role configuration process.

Was this article helpful?
0 out of 0 found this helpful