Manage Groups

Security Requirements and Controls

Assigning permissions to individual users in larger organizations can be a cumbersome task. LogScale allows you to create groups and either manage user memberships directly in LogScale or by synchronizing with an external system.

Either way you need to create groups in LogScale first.

Then you need your group to have users and permissions assigned to it. Any user who is assigned the Change user access permission can assign permissions to groups for a repository.

Note

You need to be a root user or have the Manage Users on on-premise installations to create groups and assign them users and permissions.

Note

If you intend on administering access to repositories and views centrally by an organization owner or root only be sure not to give out the Change user access permission to anyone. In practice this means removing the permission from all roles thus not allowing any users to go to a repository or view and add another user or group directly.

Create New Groups

  1. Click on the profile menu icon in the upper right corner and select Organization Settings then Users and permissionsGroups on the left.

  2. Click +Add... to create a new group.

  3. Enter a group name, such as "Operations", and select the permission levels your new group should belong to (see all types described at Permission Levels), then click Next:

    Creating Groups

    Figure 66. Creating Groups


  4. For the Repository and view level, choose whether the group should apply a role to a selection of repositories and views or to all current and future repositories and views: select the preferred repositories or views and click Next

  5. Select a role for the new group e.g. Admin, then click Create group, you now have an empty group with no users assigned but the Admin role is given to all the selected repositories or views:

    New Group Created

    Figure 67. New Group Created


    Afterwards the added users will be in the Users list.

  6. If you have a few repositories that need to be treated differently, click Exceptions to apply different permissions to selected repositories.

Note

Only users who have accepted the email invitation and completed the first log-in process can be added to a group.

Change Roles

You can modify the role assigned to a group — that is, its set of permissions — at your convenience.

  1. Go to Users and permissionsGroups and select your group from the list of available groups. You can search if the one you are looking for is not immediately visible in the list, or filter by type.

  2. Click the Permissions tab of the selected group and click Change role.

    Changing Permissions to Groups

    Figure 71. Changing Permissions to Groups


  3. In the dialog popping up, click Apply role, this will update the default role for the entire group.

    Apply Roles to Groups

    Figure 72. Apply Roles to Groups