Roles
Roles determine what actions a group of users can perform. You create your own roles, each of which can grant permission to perform any combination of actions.
For information on associating a role with a group of users, see Editing groups.
Trademarks, Legal disclaimer, Third-party software in this documentation
© 2017 Hitachi Vantara Corporation. All rights reserved.
Creating roles
You can use the REST API, Administration App, and CLI to create roles and select which permissions the roles contain.
Administration App instructions
1.Click on System Configuration.
2.Click on the Security .
3.On the Roles tab, click on the Add Role button.
4.Specify a name and, optionally, a description for the role.
5.Use the Individual and Wildcard tabs to edit the permissions for the role.
On the Individual tab, you can enable individual permissions or categories of permissions:
oClick on a category of permissions and select one or more individual permissions within the category.
For example, with the permissions selected in this image, a user can read, create, and update certificates, but cannot delete them.
oSelect all permissions in a category by flipping the switch to Yes on the row for the category. You can also deselect all permissions in the category by flipping the switch to No.
|
Note: The permission category switch shows Yes if even one permission within the category is selected. |
On the Wildcard tab, you can enable permissions for multiple categories at the same time. To do this:
a.Use the drop-down menus to select a category of permissions.
b.Leave the last drop-down menu set to the wildcard character (*).
c.Click on the Add Permission button.
For example, this configuration grants all permissions for the Search App and all permissions related to working with pipelines:
6.Click on the Update button.
7.Click on the Create button.
Related REST API method(s)
POST /security/roles
For information on specific REST API methods, in the Administration App, click on the help icon (). Then:
•To view the administrative REST API methods, click on Admin API.
•To view the API methods used for performing searches, click on Search API.
For general information about the administrative REST API, see REST API reference.
Trademarks, Legal disclaimer, Third-party software in this documentation
© 2017 Hitachi Vantara Corporation. All rights reserved.
Viewing roles
You can use the REST API, CLI, and Administration App to view all the roles that have been created for your system.
Administration App instructions
1.Click on System Configuration.
2.Click on the Security .
3.Click on the Roles tab.
Related CLI command(s)
getRole
listRoles
For information on running CLI commands, see CLI reference.
Related REST API method(s)
GET /security/roles/{uuid}
GET /security/roles
For information on specific REST API methods, in the Administration App, click on the help icon (). Then:
•To view the administrative REST API methods, click on Admin API.
•To view the API methods used for performing searches, click on Search API.
For general information about the administrative REST API, see REST API reference.
Trademarks, Legal disclaimer, Third-party software in this documentation
© 2017 Hitachi Vantara Corporation. All rights reserved.
Editing roles
You can use the REST API, Administration App, and CLI to change the permissions that a role contains.
Administration App instructions
1.Click on System Configuration.
2.Click on the Security .
3.Click on the Roles tab.
4.Click on the role you want to edit.
5.Use the Individual and Wildcard tabs to edit the permissions for the role.
On the Individual tab, you can enable individual permissions or categories of permissions:
oClick on a category of permissions and select one or more individual permissions within the category.
For example, with the permissions selected in this image, a user can read, create, and update certificates, but cannot delete them.
oSelect all permissions in a category by flipping the switch to Yes on the row for the category. You can also deselect all permissions in the category by flipping the switch to No.
|
Note: The permission category switch shows Yes if even one permission within the category is selected. |
On the Wildcard tab, you can enable permissions for multiple categories at the same time. To do this:
a.Use the drop-down menus to select a category of permissions.
b.Leave the last drop-down menu set to the wildcard character (*).
c.Click on the Add Permission button.
For example, this configuration grants all permissions for the Search App and all permissions related to working with pipelines:
6.Click on the Update button.
7.Click on the Update button.
Related REST API method(s)
PUT /security/roles/{uuid}
For information on specific REST API methods, in the Administration App, click on the help icon (). Then:
•To view the administrative REST API methods, click on Admin API.
•To view the API methods used for performing searches, click on Search API.
For general information about the administrative REST API, see REST API reference.
Trademarks, Legal disclaimer, Third-party software in this documentation
© 2017 Hitachi Vantara Corporation. All rights reserved.
Deleting roles
When you delete a role, all groups associated with that role lose the permissions that the role granted.
Administration App instructions
1.Click on System Configuration.
2.Click on the Security .
3.Click on the Roles tab.
4.Click on the delete icon () for the role you want to remove.
Related REST API method(s)
DELETE /security/roles/{uuid}
For information on specific REST API methods, in the Administration App, click on the help icon (). Then:
•To view the administrative REST API methods, click on Admin API.
•To view the API methods used for performing searches, click on Search API.
For general information about the administrative REST API, see REST API reference.
Trademarks, Legal disclaimer, Third-party software in this documentation
© 2017 Hitachi Vantara Corporation. All rights reserved.