Difference between revisions of "Permissions"
m |
(Update heading levels) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 24: | Line 24: | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | Install | | style="vertical-align:top;border-bottom:0.5px solid gray;" | Install | ||
− | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can install an agent on a | + | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can install an agent on a computer by providing their username and password. |
|- | |- | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
Line 80: | Line 80: | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | View internal Veloopti events | | style="vertical-align:top;border-bottom:0.5px solid gray;" | View internal Veloopti events | ||
− | | style="vertical-align:top;border-bottom:0.5px solid gray;" | User can view events that have been created internally by | + | | style="vertical-align:top;border-bottom:0.5px solid gray;" | User can view events that have been created internally by Veloopti agents. These can be used to help diagnosing agent issues. |
|- | |- | ||
|} | |} | ||
Line 118: | Line 118: | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | Deploy policies | | style="vertical-align:top;border-bottom:0.5px solid gray;" | Deploy policies | ||
− | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can deploy all application policies to | + | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can deploy all application policies to nodes whether they have access to the application or not. |
|- | |- | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
Line 172: | Line 172: | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | Manage Auto Discovery | | style="vertical-align:top;border-bottom:0.5px solid gray;" | Manage Auto Discovery | ||
− | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can manage the auto discovery options for discovering application on | + | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can manage the auto discovery options for discovering application on computers |
|- | |- | ||
|} | |} | ||
Line 287: | Line 287: | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | Assign Action to Action Group | | style="vertical-align:top;border-bottom:0.5px solid gray;" | Assign Action to Action Group | ||
− | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can add actions to actions group. This allows the action to be available to be run on any | + | | style="vertical-align:top;border-bottom:0.5px solid gray;" | The user can add actions to actions group. This allows the action to be available to be run on any node in the application. |
|- | |- | ||
| style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | | style="vertical-align:top;border-bottom:0.5px solid gray;" | [[file:slider_right.png|30px]] | ||
Line 435: | Line 435: | ||
|} | |} | ||
+ | == Other permissions == | ||
=== Owner === | === Owner === | ||
− | The role of | + | After creating an organistion the user is given both the roles of Owner and Billing Administrator. The role of Owner has permanent permissions that cannot be modified. The role of Owner cannot be renamed or deleted. The Owner is able to select another user to replace them and replace them as the Owner. The selected user is then able to accept or reject the role of Owner. If the new user accepts the role of Owner then any previous Owner is not able to select themselves to take the role of Owner again. Once the role of Owner is given and received to another user it cannot be changed except by the current Owner. If the use account that has the role of owner is somehow lost then contact Veloopti. The Owner always has access to the below permissions. |
{| class="wikitable" style="text-align: left; color: black;" | {| class="wikitable" style="text-align: left; color: black;" | ||
− | |||
|- | |- | ||
! Permissions | ! Permissions | ||
! URL | ! URL | ||
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
| Change Owner | | Change Owner | ||
− | | [https:// | + | | [https://ap2.veloopti.com.au/organisation/index/special ap2.veloopti.com.au/organisation/index/special] |
− | |||
− | |||
− | |||
− | |||
| | | | ||
|- | |- | ||
| Change Billing Administrator | | Change Billing Administrator | ||
− | | [https:// | + | | [https://ap2.veloopti.com.au/organisation/index/special ap2.veloopti.com.au/organisation/index/special] |
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
| Edit Global and Application Role Permissions | | Edit Global and Application Role Permissions | ||
− | | [https:// | + | | [https://ap2.veloopti.com.au/permissions ap2.veloopti.com.au/permissions] |
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
| Add Users to Global and Application Roles | | Add Users to Global and Application Roles | ||
− | | [https:// | + | | [https://ap2.veloopti.com.au/roles/index/ ap2.veloopti.com.au//roles/index/] |
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
|} | |} | ||
=== Billing Administrator === | === Billing Administrator === | ||
+ | |||
+ | |||
+ | [[Category:User Administration]] [[Category:Users]] |
Latest revision as of 17:41, 16 September 2020
Home > Administration > User Administration > Permissions
Contents
1 Overview
A central design point of Veloopti security is that no user has permission to perform any operation unless they have been specifically granted it. The purpose of granting a permission is to enable a user to perform a specific action. Permissions either extend globally to the whole of Veloopti, or locally to a single application. Each application has total control of its own permissions and they do not interfere with another application.
2 Design considerations
A central design point of Veloopti permissions is to empower the owner of an application to have everything they need to monitor their application. They should be able to write and deploy any monitoring for their application without being interfered by another application.
3 Roles and permissions
Permissions are bundled together and can appear in one or more roles.
Global permissions and application permissions
Global permissions reach to the entire Veloopti organisation and can extend into every application. Application permissions exist only in the application.
4 Global permissions
AGENTS
APPLICATIONS
EVENTS
LOGS
NODES
ORGANISATION
STORM RULES
View All | The user can view storm rules | |
Manage All | The user can create and edit storm rules |
POLICIES
USERS
DASHBOARDS
Manage all | Can be used in conjunction with the application "View all" global permission to empower a user to enter any application and modify the dashboards. |
5 Application permissions
ACTIONS
EVENTS
NODES
POLICIES
USERS
DASHBOARDS
Manage Dashboards | The user can create, edit and delete dashboards |
6 Other permissions
6.1 Owner
After creating an organistion the user is given both the roles of Owner and Billing Administrator. The role of Owner has permanent permissions that cannot be modified. The role of Owner cannot be renamed or deleted. The Owner is able to select another user to replace them and replace them as the Owner. The selected user is then able to accept or reject the role of Owner. If the new user accepts the role of Owner then any previous Owner is not able to select themselves to take the role of Owner again. Once the role of Owner is given and received to another user it cannot be changed except by the current Owner. If the use account that has the role of owner is somehow lost then contact Veloopti. The Owner always has access to the below permissions.
Permissions | URL | |
---|---|---|
Change Owner | ap2.veloopti.com.au/organisation/index/special | |
Change Billing Administrator | ap2.veloopti.com.au/organisation/index/special | |
Edit Global and Application Role Permissions | ap2.veloopti.com.au/permissions | |
Add Users to Global and Application Roles | ap2.veloopti.com.au//roles/index/ |