Roles¶
Command Center provides role-based user management functionality. Granular per-activity user roles can be defined and assigned to Command Center user accounts.
To create and configure Command Center users, see Users.
Managing Roles¶
The system includes the preconfigured, non-modifiable Read Only role. Read Only role holders have viewing access of all managed resources:
Additional roles can be created as needed.
Viewing roles¶
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Roles.
The Roles view displays the Roles grid:
Column
Description
Name
The role’s name.
Permissions
A list of the managed resources, each resource followed by access permissions for this role.
Some managed resources only have permission to allow view access. The others have configurable resource-specific permissions, in addition to the viewing permission:
Managed Resource
Permissions
Access Logs
View
Protection Zones
View
Rename
App Engine types
View
Central logs
View
Manage RSYSLOG
Cloud users
View
Manage Vlan ID
Clouds
View
Zsnap
Upgrade
Shutdown
Comments
View
Manage
Composite Engine types
View
Virtual Networks
View
Manage
Data services
View
Manage
Drive types
View
Drives
View
Replace
Manage led
Enable
Disable
Designate as Cache/AFA-Meta
Undesignate a Cache/AFA-Meta
SMART test
License
Unlicense
Purge
IO Engine types
View
Images
View
Set default
Register
Delete
Licensing
View
Manage
Remote Authentications
View
Storage nodes
View
Evacuate VCs
Evacuate drives
Reboot
Shutdown
Install
Upgrade
Zsnap
Failover
Check configuration
Import drives
License
Refresh license
Set block device performance thresholds
Public IPs
View
Manage
VLANs
View
Add
Remove
Allocate
Deallocate
Reserve
Unreserve
Set default
Manage VRIDs
Vpsas
View
Clear lockdown
Failover
Zsnap
Upgrade
Launch GUI
Read Only Launch GUI
Modify public IP
Hibernate
Restore
Manage File Lifecycle
Add drives
Manage Virtual Network Interfaces
Manage Networks
Change engine type
Change object storage engine type
Change cache
Move setup to ssd
Move Virtual Controller
Purge
Set Pool Migration
Set data reduction bundle
Add storage policies
Add proxy virtual controllers
Manage Object Storage Zones
Manage settings
Manage file lifecycle management
Translation missing: en.manage_shared_vpsa
Defining a new custom role¶
To define a new custom role:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Roles.
In the Roles screen, click Create new role.
In the Create Role dialog, configure the new role:
Name: Enter a name for the role.
Permissions:
Global Permission Controls
This set of controls apply permission configurations across all managed resources.
Select All:
Mark the checkbox to grant all permissions of all resources.
Unmarking this checkbox removes all permissions of all resources, including those that were applied individually or via a specific resource’s Select All control.
Expand All: Display the permissions for all managed resources.
Hide All: Display the list of managed resources only.
Import Role: To populate specific permissions based on an existing role’s configuration, select the role from the dropdown list.
Multiple roles can be imported to build up a combined permissions set.
Managed Resource Permission Controls
Each managed resource has its own set of controls:
Expand/Contract arrow toggle displays all of the selected resource’s permission settings, or hides them.
Select All checkbox appears only for resources that have other permissions in addition to the View permission setting.
Mark the checkbox to grant all permissions of the resource.
Unmarking this checkbox removes all permissions of the resource, including those that were applied individually.
Note
Granting or revoking all permissions is applied, irrespective of whether the resource’s permissions are displayed or hidden by the Expand/Contract control.
One or more resource-specific permission checkboxes:
Mark the checkbox of each permission that you want to grant to users who are assigned this role.
Click Create to confirm creation of the role with the configured settings.
Editing a custom role¶
To edit a custom role:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Roles.
In the Roles screen, locate the role to edit and click its Name.
In the Edit Role dialog, all attributes are configurable, as described in the Defining a new custom role section.
Click Update to confirm applying the changed settings to the role.
Deleting a custom role¶
To edit a custom role:
At the top right of the Command Center window, click the cog wheel icon.
In the dropdown menu that displays, select Roles.
In the Roles screen, locate the role and click the down-arrow on its right. In the dropdown menu, select Destroy.
In the Destroy Role dialog, click Confirm to delete the role.
On completion, the role will disappear from the list in the Roles screen.
Caution
Deleting a role removes its association with any users assigned to it. Creating a new role with the same name afterward will not reassign it to the users who previously held that role.
The role deletion process occurs even if there are users whose sole role assignment is the one being deleted. As a result, these users are left without a role and lose access privileges altogether, until they are assigned a new role.