This topic explains how to manage user roles with Apps Manager.

Important The procedures described here are not compatible with using SAML or LDAP for user identity management. To create and manage user accounts in a SAML or LDAP-enabled Ops Manager deployment, see Adding existing SAML or LDAP users to an Ops Manager deployment.

Overview

Ops Manager uses role-based access control, with each role granting the permissions in either an org or an app space.

A user account can be assigned one or more roles. The combination of these roles defines the actions a user can perform in an org and within specific app spaces in that org. For information about the actions that each role allows, see Orgs, Spaces, Roles, and Permissions. For example, to assign roles to user accounts in a space, you must have Space Manager role assigned to the user in that space.

You can also modify permissions for existing users by adding or removing the roles associated with the user account. User roles are assigned on a per-space basis, so you must modify the user account for each space that you want to change.

Admins, Org Managers, and Space Managers can assign user roles with Apps Manager or with the Cloud Foundry Command Line Interface (cf CLI). For more information, see Users and Roles in Getting Started with the cf CLI.

You can manage user roles across multiple foundations. For more information, see Configuring multi-foundation support in Apps Manager.

Manage Org Roles

Valid org roles are Organization Manager and Organization Auditor.

To grant or revoke org roles:

  1. Go to the Home page

  2. Select an org.

  3. In the panel on the left side of the screen, click Members. Edit the roles assigned to each user by selecting or clearing the check boxes under each user role. Apps Manager saves your changes automatically.

  4. The Members panel displays all members of the org. Select a check box to grant an org role to a user, or clear a check box to revoke a role from a user.

Manage App Space Roles

Valid app space roles are Space Manager, Space Developer, and Space Auditor.

To grant or revoke app space roles:

  1. Go to the page for a space.

  2. In the panel on the left side of the screen, click Members. The Members panel displays all members of the space.

  3. Select a check box to grant an app space role to a user, or clear a check box to revoke a role from a user.

    • Space Managers can invite and manage users and enable features for a given space. Assign this role to managers or other users who need to administer the account.
    • Space Developers can create, delete, and manage apps and services, and have full access to all usage reports and logs. Space Developers can also edit apps, including the number of instances and memory footprint. Assign this role to app developers or other users who need to interact with apps and services.
    • Space Auditors have view-only access to all space information, settings, reports, and logs. Assign this role to users who need to view but not edit the app space.

Invite New Users

Note: The Enable invitations check box in the Apps Manager pane of the TAS for VMs tile must be selected to invite new users.

To invite new users to an org:

  1. Go to the org page.

  2. In the panel on the left side of the screen, click Members.

  3. Click Invite New Members. The Invite New Team Member(s) form appears.

  4. In the Add Email Addresses text field, enter the email addresses of the users that you want to invite. Enter multiple email addresses as a comma-delimited list.

  5. The Assign Org Roles and Assign Space Roles tables list the current org and available spaces with check boxes corresponding to each possible user role. Select the check boxes that correspond to the permissions that you want to grant to the invited users.

  6. Click Send Invite. The Apps Manager sends an email containing an invitation link to each email address that you specified.

Remove a User From an Org

Removing a user from org also removes them from all spaces in the org.

To remove a user from the org:

  1. Go to the org page.

  2. In the panel on the left side of the screen, click Members.

  3. Locate the user account that you want to remove.

  4. Under the user’s email address, click on the Remove User link. A warning dialog appears.

  5. Click Remove to confirm user account deletion from the org.

Remove a User From a Space

To remove a user from a space:

  1. Go to the page for a space.

  2. In the panel on the left side of the screen, click Members. The Members panel displays all members of the space.

  3. Locate the user account that you want to remove.

  4. Under the user’s email address, click on the Remove User link. A warning dialog appears.

  5. Click Remove to confirm user account deletion from the space.

check-circle-line exclamation-circle-line close-line
Scroll to top icon