Skip to main content
Close
Hitachi Vantara Knowledge

Roles

  1. Last updated
  2. Save as PDF

Roles determine what actions a group of users can perform. You create your own roles, each of which can grant permission to perform any combination of actions, such as to creating workflows, deleting content classes, or viewing system events.

Parent Topic
Child Topics

Creating roles

You can use the REST API, Admin App, and CLI to create roles and select which permissions the roles contain.

About permissions

Each permission in a role grants a user the ability to perform an action in some area of the system. For example, the admin:services:read permission grants the ability to view services through the Admin App.

The first section of a permission string indicates that application that the permission applies to:

  • HCM permissions begin with monitor.
  • Search App permissions begin with search.
  • Admin App permissions begin with admin.
TipTo allow some users to only search for files and not perform any administrative functions, create a role that grants only search:query permissions.
Admin App instructions

Procedure

  1. Click the Configuration window.

  2. Click Security.

  3. On the Roles tab, click Create.

  4. Specify a name and, optionally, a description for the role.

  5. Use the Individual and Wildcard tabs to edit the permissions for the role:

    1. On the Individual tab, you can enable individual permissions or categories of permissions:

    2. Click a category of permissions and select one or more individual permissions within the category.

      For example, with the permissions selected in this image, a user can read, create, and update certificates, but cannot delete them.GUID-FF79AEF8-B278-4E48-8093-31F99B4E169B-low.png

      On the Wildcard tab, you can enable permissions for multiple categories at the same time. To do this:

    3. Click Add Permission.

    4. Use the menus to select a category of permissions.

    5. Leave the last menu set to the wildcard character (*).

  6. Click Create.

  7. Click Update.

Parent Topic
Child Topics

Related CLI commands

createRole

Parent Topic

Related REST API methods

POST /security/roles

You can get help on specific REST API methods for the Admin App at REST API - Admin.

Parent Topic

Viewing roles

You can use the REST API, CLI, and Admin App to view all the roles that have been created for your system.

Admin App instructions

Procedure

  1. Select the Configuration window.

  2. Click Security.

  3. Select the Roles tab.

Parent Topic
Child Topics

Related CLI commands

getRole

listRoles

Parent Topic

Related REST API methods

GET /security/roles/{uuid}

GET /security/roles

You can get help on specific REST API methods for the Admin App at REST API - Admin.

Parent Topic

Editing roles

You can use the REST API, Admin App, and CLI to change the permissions that a role contains.

About permissions

Each permission in a role grants a user the ability to perform an action in some area of the system. For example, the admin:services:read permission grants the ability to view services through the Admin App.

The first section of a permission string indicates what application the permission applies to:

  • HCM permissions begin with monitor.
  • Search App permissions begin with search.
  • Admin App permissions begin with admin .
Admin App instructions

Procedure

  1. Click the Configuration window.

  2. Click Security.

  3. On the Roles tab, click Create.

  4. Specify a name and, optionally, a description for the role.

  5. Use the Individual and Wildcard tabs to edit the permissions for the role:

    1. On the Individual tab, you can enable individual permissions or categories of permissions:

    2. Click a category of permissions and select one or more individual permissions within the category.

      For example, with the permissions selected in this image, a user can read, create, and update certificates, but cannot delete them.GUID-FF79AEF8-B278-4E48-8093-31F99B4E169B-low.png

      On the Wildcard tab, you can enable permissions for multiple categories at the same time. To do this:

    3. Click Add Permission.

    4. Use the menus to select a category of permissions.

    5. Leave the last menu set to the wildcard character (*).

  6. Click Create.

  7. Click Update.

Parent Topic
Child Topics

Related CLI commands

editRole

Parent Topic

Related REST API methods

PUT /security/roles/{uuid}

You can get help on specific REST API methods for the Admin App at REST API - Admin.

Parent Topic

Deleting roles

When you delete a role, all groups associated with that role lose the permissions that the role granted.

Admin App instructions

Procedure

  1. Select the Configuration window.

  2. Click Security.

  3. Select the Roles tab.

  4. Click the delete icon (GUID-1DC2D6DA-C521-4A3B-BFB6-4D5D932EB9EC-low.png) for the role you want to remove.

Parent Topic
Child Topics

Related CLI commands

deleteRole

Parent Topic

Related REST API methods

DELETE /security/roles/{uuid}

You can get help on specific REST API methods for the Admin App at REST API - Admin.

Parent Topic

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Reference
    Page Type
    Documentation Article
  2. Tags
    This page has no tags.