You use roles to manage access control for user accounts in VMware Telco Cloud Service Assurance.

In this procedure, you add a new role and assign administrative permissions to the role.

Procedure

  1. Navigate to Administration > Access > Roles.
  2. Click Add.
  3. Enter the Name of the role.
  4. Provide description about the role in the Description.
  5. In Policy Assignment section:
    1. Select the policy from the drop-down.
      Note: Admin can select any policy from the list. Predefined policy "default_wo_filter" allow access to all data.
    2. Provide the name for the policy assignment.
    3. Provide the description for the policy assignment.
  6. In the Filter Details section select the proper value for the following:
    1. Select the required Property from the drop-down.
    2. Select the Expression type from the drop-down.
    3. Provide the Value.
    Note:
    • For some specific boolean columns, select Yes or No from the drop-down.
    • For a selected integer or string column, provide the exact value as input.
    • To add multiple values for a single attribute, click "+" icon. The operation is "OR" between the values like ("ROUTER" "MATCHES" "SWITCH OR ROUTER "). To remove any attribute, click the cross icon.
    • Within the filter set, all operations are "AND" operations and between the filter set all operation are "OR" operation.
    • For one attribute, you can have multiple values.
  7. In the Remediation Details field, select Yes or No from the drop-down menu.
  8. In the Category field, select a category for the Remediation Details.
  9. Select a Group name, in the Group Assignment.
    Note: Group name must match exactly with LDAP/KeyClock Group. Group names are case-sensitive.
  10. In the Permission Assignment section, select at least one Page Access option from the Operation-UI tree.
  11. In the Permission Assignment section, under Dashboard & Reports click Browse Dashboard.
  12. From the list of dashboards and dashboard folders, select View Permission and/or Edit Permission for the role.
    Note:
    • If you provide an edit permission to a folder, then the user will be able to view and edit all the dashboards present in that folder.
    • If you provide a view permission to a folder, then the user can only view the dashboards in that folder. You can also choose to provide edit permission to a particular dashboard in that folder for the user to have an edit permission for that dashboard alone.
  13. Click Assign Permissions.
  14. Click Save Role.
    Note: The user will be able to view or edit the dashboards and reports based on the dashboards or folders that you select in step 10 and the permission you provide in step 11. If you select a dashboard in step 10 then the user will be able to view or edit that dashboard alone. If you select a folder in step 10 then the user will be able to view or edit all the dashboards available in that folder.