Managing Roles
Security Requirements and Controls
Manage userspermission
All roles available and the permissions granted via the roles are
displayed in the User Interface in the
Roles page.
Depending on the system level permission you've chosen, you can assign different permissions for any new role you create. For example, you can create an Organization management role type and name it, say, "Operations", to which grant permissions such as the capability to view all internal notifications, or to manage other users.
While LogScale comes with a predefined set of roles — Admin, Member and Deleter — they may be customized to your specific needs. Keep in mind that it's generally a good idea to grant as few permissions as possible and to add more as needed.
Note
You need to be an Organization Owner on Cloud or a root user on
on-premise installations to have access to the
Roles page and assign roles to users. Or
you need to have the Change user access permission:
 |
Figure 75. Change User Access
See the full list of available permissions along with descriptions of their usage at Repository & View Permissions.
To add new roles or customizing existing roles:
Click on your profile avatar in the upper right corner and select Organization Settings →
Roleson the left.
Figure 76. Roles
Click , enter a name for your new role such as "Operations" and select a Role type e.g. .
Figure 77. Adding Roles
Set the permissions for the new role. For example, if you wish to create a strictly read-only role, select the Data access checkbox and nothing else, then click :
Figure 78. Assigning Permissions to Roles
The new role can now be assigned to groups via the
Groupspage of the User Interface, where you are prompted to configure the permission levels for a group — see Figure 69, “Assigning Permissions”.To customize an existing role and change its permissions, or to remove it, select the role and click or :
Figure 79. Customizing or Removing Roles
Aggregate Permissions
When you've defined more than one role under a Repository and View, Organization or Cluster, you can get a combined view of the available permissions for all roles — all permissions in a specific repository, for example. This gives you an overview if you want to know exactly which permissions you have.
Click on your profile avatar in the upper right corner and select Organization Settings →
Userson the left.Select one of the users that have multiple roles assigned and click on your repository.
Click the button: the list of aggregated permissions will be displayed on the right.
Figure 80. Aggregate permissions
You can always select a single role instead to get only the permissions for that role.