You use roles to manage access control for user accounts in VMware Telco Cloud Service Assurance.

In this procedure, you add a new role and assign administrative permissions to the role.

Procedure

  1. Navigate to Administration > Access > Roles.
  2. Click Add.
  3. Enter the Name of the role.
  4. Provide description about the role in the Description.
  5. In Policy Assignment section:
    1. Select the policy from the drop-down.
      Note: Admin can select any policy from the list. Predefined policy "default_wo_filter" allow access to all data.
    2. Provide the name for the policy assignment.
    3. Provide the description for the policy assignment.
  6. In the Filter Details section select the proper value for the following:
    1. Select the required Property from the drop-down.
    2. Select the Expression type from the drop-down.
    3. Provide the Value.
    Note:
    • For some specific boolean columns, select Yes or No from the drop-down.
    • For a selected integer or string column, provide the exact value as input.
    • To add multiple values for a single attribute, click "+" icon. The operation is "OR" between the values like ("ROUTER" "MATCHES" "SWITCH OR ROUTER "). To remove any attribute, click the cross icon.
    • Within the filter set, all operations are "AND" operations and between the filter set all operation are "OR" operation.
    • For one attribute, you can have multiple values.
  7. In the Remediation Details field, select Yes or No from the drop-down menu.
  8. In the Category field, select a category for the Remediation Details.
  9. Select a Group name, in the Group Assignment.
    Note: Group name must match exactly with LDAP/KeyClock Group. Group names are case-sensitive.
  10. In the Permission Assignment section, select all required Page Access options from the Operation-UI tree.
    Note:
    • You must select Cross-launch folder permission from the Dashboard & Reports option for the user to view the Health Dashboard in the Topology and Operations page.
    • Only default admin has the priviledge to configure Scheduled Report Exports. Other admins or users do not have the priviledge to configure Scheduled Report Exports. So you must not provide this page access to any roles.
  11. Click Assign Permissions.
  12. Click Save Role.
    Note: The user will be able to view or edit the dashboards and reports based on the dashboards or folders that you select in step 10 and the permission you provide in step 11. If you select a dashboard in step 10 then the user will be able to view or edit that dashboard alone. If you select a folder in step 10 then the user will be able to view or edit all the dashboards available in that folder.