Role-based access control lets you restrict log access for specific users, and control tasks that these users can perform after they log in. You can associate or revoke roles with or from user login accounts. A user can see all the dashboards that they have access to, but the data in the dashboards and in Explore Logs is filtered based on the data sets that the user role has access to.
- Users
- You can control the access and actions of each user by granting or revoking roles to or from the login account of the user.
- Permissions
- Permissions and access levels are associated with roles, and control the allowed actions in VMware Aria Operations for Logs. Permissions apply to particular administrative or user tasks in VMware Aria Operations for Logs. The predefined roles in VMware Aria Operations for Logs have a fixed set of permissions. You can modify these permissions for all predefined roles except the Super Admin role. Additionally, you can also create custom roles and assign permissions with access levels according to your requirement. For example, you can grant the Management permission with Full Access to allow a user to view and modify the VMware Aria Operations for Logs administrative settings in the Management section.
- Data Sets
-
Data sets consist of a set of filters. You can use data sets to provide users with access to specific content by associating a data set with a role.
Note: You can associate data sets with all predefined roles except the Super Admin role.
- Roles
-
Roles are collections of permissions and data sets that can be associated with users. Roles provide a convenient way to package all the permissions required to perform a task. One user can be assigned multiple roles.
VMware Aria Operations for Logs has a set of predefined roles. You can modify all predefined roles except the Super Admin role. You can also create custom roles and modify the associated permissions and data sets according to your requirement.