6.9.9. Creating Scoped Roles

Scoped Roles are user-defined roles that grant the permissions of one of the standard roles but only for one or more specified server groups or hosts. This topic shows how to create scoped roles.

Only users in the SuperUser or Administrator roles can perform this configuration.

Scoped Role configuration in the management console can be found by following these steps:

  1. Login to the Management Console

  2. Click on the Administration tab

  3. Expand the Access Control menu and select Role Assignment.

  4. Select ROLES tab, and then the Scoped Roles tab within it.
The Scoped Roles section of the Management Console consists of two main areas, a table containing a list of the currently configured scoped roles, and the Selection panel which displays the details of the role currently selected in the table.
The following procedures show how to perform configuration tasks for Scoped Roles.

Procedure 6.22. Add a New Scoped Role

  1. Login to the Management Console
  2. Navigate to the Scoped Roles area of the Roles tab.
  3. Click Add. The Add Scoped Role dialog appears.
  4. Specify the following details:

    • Name, the unique name for the new scoped role.

    • Base Role, the role which this role will base its permissions on.

    • Type, whether this role will be restricted to hosts or server groups.

    • Scope, the list of hosts or server groups that the role is restricted to. Multiple entries can be selected.

    • Include All, should this role automatically include all users. Defaults to no.
  5. Click Save and the dialog will close and the newly created role will appear in the table.

Procedure 6.23. Edit a Scoped Role

  1. Login to the Management Console
  2. Navigate to the Scoped Roles area of the Roles tab.
  3. Click on the scoped role you want to edit in the table. The details of that role appears in the Selection panel below the table.
  4. Click Edit in the Selection panel. The Selection panel enters edit mode.
  5. Update the details you need to change and click the Save button. The Selection panel returns to its previous state. Both the Selection panel and table show the newly updated details.

Procedure 6.24. View Scoped Role Members

  1. Login to the Management Console
  2. Navigate to the Scoped Roles area of the Roles tab.
  3. Click on the scoped role in the table that you want to view the Members of, then click Members. The Members of role dialog appears. It shows users and groups that are included or excluded from the role.
  4. Click Done when you have finished reviewing this information.

Procedure 6.25. Delete a Scoped Role

Important

A Scoped Role cannot be deleted if users or groups are assigned to it. Remove the role assignments first, and then delete it.
  1. Login to the Management Console
  2. Navigate to the Scoped Roles area of the Roles tab.
  3. Select the scoped role to be removed in the table.
  4. Click the Remove button. The Remove Scoped Role dialog appears.
  5. Click Confirm.The dialog closes and the role is removed.
Report a bug