Manage Roles
Security Requirements and Controls
Manage users
permission
All roles available and the permissions granted via the roles are
displayed in the User Interface in the
Roles
page.
Depending on the system level permission you've chosen, you can assign different permissions for any new role you create. For example, you can create an Organization management role type and name it, say, "Operations", to which grant permissions such as the capability to view all internal notifications, or to manage other users.
While LogScale comes with a predefined set of roles — Admin, Member and Deleter — they may be customized to your specific needs. Keep in mind that it's generally a good idea to grant as few permissions as possible and to add more as needed.
Note
You need to be an Organization Owner on Cloud or a root user on
on-premise installations to have access to the
Roles
page and assign roles to users. Or
you need to have the Change user access
permission:
Figure 74. Change User Access
See the full list of available permissions along with descriptions of their usage at Repository & View Permissions.
To add new roles or customizing existing roles:
Click on your profile avatar in the upper right corner and select Organization Settings →
Roles
on the left.Figure 75. Roles
Click + Add, enter a name for your new role such as "Operations" and select a Role type e.g. Organization management.
Figure 76. Adding Roles
Set the permissions for the new role. For example, if you wish to create a strictly read-only role, select the Data access checkbox and nothing else, then click Create role:
Figure 77. Assigning Permissions to Roles
The new role can now be assigned to groups via the
Groups
page of the User Interface, where you are prompted to configure the permission levels for a group — see Figure 67, “New Group Created”.To customize an existing role and change its permissions, or to remove it, select the role and click Edit role or Delete role:
Figure 78. Customizing or Removing Roles
Aggregate Permissions
When you've defined more than one role under a Repository and View, Organization or Cluster, you can get a combined view of the available permissions for all roles — all permissions in a specific repository, for example. This gives you an overview if you want to know exactly which permissions you have.
Click on your profile avatar in the upper right corner and select Organization Settings →
Users
on the left.Select one of the users that have multiple roles assigned and click on your repository.
Click the Show aggregate permissions button: the list of aggregated permissions will be displayed on the right.
Figure 79. Aggregate permissions
You can always select a single role instead to get only the permissions for that role.