Manage Groups
Security Requirements and Controls
Manage users
permission
Assigning permissions to individual users in larger organizations can be a cumbersome task. LogScale allows you to create groups and either manage user memberships directly in LogScale or by synchronizing with an external system.
Either way you need to create groups in LogScale first.
Then you need your group to have users and permissions assigned to it. Any
user who is assigned the Change user access
permission can assign permissions to groups for a
repository.
Note
You need to be a root user or have the
Manage Users
on on-premise
installations to create groups and assign them users and permissions.
Note
If you intend on administering access to repositories and views
centrally by an organization owner or root only be sure not to give out
the Change user access
permission to anyone. In practice this means removing the permission
from all roles thus not allowing any users to go to a repository or view
and add another user or group directly.
Create New Groups
Click on the profile menu icon in the upper right corner and select Organization Settings then Users and permissions →
Groups
on the left.Click +Add... to create a new group.
Enter a group name, such as "Operations", and select the permission levels your new group should belong to (see all types described at Permission Levels), then click Next:
Figure 72. Creating Groups
For the Repository and view level, choose whether the group should apply a role to a selection of repositories and views or to all current and future repositories and views: select the preferred repositories or views and click Next
Select a role for the new group e.g. Admin, then click Create group, you now have an empty group with no users assigned but the Admin role is given to all the selected repositories or views:
Figure 73. New Group Created
Afterwards the added users will be in the
Users
list.If you have a few repositories that need to be treated differently, click Exceptions to apply different permissions to selected repositories.
Note
Only users who have accepted the email invitation and completed the first log-in process can be added to a group.
Change Roles
You can modify the role assigned to a group — that is, its set of permissions — at your convenience.
Go to Users and permissions →
Groups
and select your group from the list of available groups. You can search if the one you are looking for is not immediately visible in the list, or filter by type.Click the Permissions tab of the selected group and click Change role.
Figure 77. Changing Permissions to Groups
In the dialog popping up, click Apply role, this will update the default role for the entire group.
Figure 78. Apply Roles to Groups