Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

https://docs.128technology.com/docs/config_RBAC/

  • Create an MSP's customer: Resource Group
  • Assign resources to a resource Group ( like: Router, service, Service-policy, . . . )
  • Create Role: user Access Management role ( like: Admin, operator,... )
  • Create Users and Assign roles to users
  • Open a New session with the use User account


Create an MSP's customerAuthority level
Create a Resource Group

Configure > Authority > Create a New Resource Group / RBAC

Image Modified

Assign resourcesRouter level
Assign Resource Groups to Authority-level Resources ( Router )

Configure > Router > Resource Group > Select the RBAC

( !!! service group is different, it's just grouping many services together for ... )

Assign a Resource Group to a Service:

Configure > Service > Service Applies To > Select: resource-group 

>> then ADD the RBAC:

example: MSP-Customer1

Assign a Resource Group to a Service-Policy:

Configure > Service Policy > Service-Policy Applies To > Select : resource-group

>> then ADD the RBAC:

example: MSP-Customer1

Create user Access Management RoleRole or functions per MSP's customers
Create an Access Management Role

Configure > Authority > Access Management Roles > Add ACM: Company1-Admin

>>> Add Capability: Read, Write and provisioning

(Provisioning allows users to perform software lifecycle management duties, such as download software, upgrade existing installations, etc.)

>>> Map with Resource Group:  

example: MSP-Customer1


Image Modified


>>> Include or Exclude resources    (can be done at the resource level instead = Easier )

Generated ( created from the ressource 

Image Modified

Data Modeldata model

https://docs.128technology.com/docs/concepts_glossary/



Image Modified

Image Modified

Create User and Assign roles to users

Create Users and Assign Roles


Users >> Create a New user: company1-admin 

>> Map to: company1-Admin-role


Image Modified


Image Modified


Image Modified


show roles


Image Modified

Open a New sessionlog as MSP-customer1 user account