Cloud Control Center's Role-Based Access Control (RBAC) feature empowers administrators to define custom roles with specific privileges and assign these roles to users, either created locally, integrated through Single Sign-On (SSO), or API Users. This level of customization ensures that after authentication, user interactions with the Cloud Control Center are strictly governed by the privileges of their assigned role.
By default, Cloud Control Center provides two predefined roles:
1. Tenant User: Users with this role can view all components of the user interface (UI), such as Devices, Policies, Virtual Edges, Analytics and more. However, they are not permitted to make any modifications.
2. Tenant Admin: Users with this role have comprehensive access, allowing them to view and modify any component of the UI.
Components of RBAC
- Definition: Customizable name for the role.
- Scope: Pertains to each component of the UI.
- Privilege: Can be set to 'Enabled' or 'Disabled', governing the visibility and interaction level a user has with each UI component.
Creating a New Role
1. Initiation: Click on "Create New Role".
2. Naming: Provide a name for the role. Optionally, select "Enable All Privileges" for full access, then deselect specific privileges as needed.
3. Privilege Selection:
- Component-wise Customization: For each UI component:
After configuring the privileges for all UI components, click "Save Changes" to finalize the new role.
3. Completion: Click "OK" to create a role with identical privileges to the original, ready for further customization.
Assigning Roles to Users
Assigning roles to users is a straightforward process in the Cloud Control Center:
3. Role Assignment: In the user's settings, select the desired role from the available options.
For API users, refer to the Cloud Control Center API documentation for detailed instructions on leveraging RBAC. For SSO users, consult the SSO documentation section in the knowledge base to understand how to automatically assign roles based on your specific SSO integration.
Cloud Control Center's RBAC is designed to provide a flexible and secure mechanism to tailor user access and privileges, ensuring users interact with the platform in a controlled and predefined manner. Whether defining new roles from scratch, cloning existing ones, or assigning roles to users, administrators are equipped with intuitive tools to streamline the role configuration process.