This is the third blog post in the Nutanix Self Service Portal (SSP) blog post series.
The other blog posts in the series are:
- Nutanix Self Service Portal Part I – Preparation & Initial Configuration
- Nutanix Self Service Portal Part II – Projects
- Nutanix Self Service Portal Part IV – Images
- Nutanix Self Service Portal Part V – VM management
- Nutanix Self Service Portal Part VI – Catalog Items
This blog post will include how to manage roles and will cover:
The Roles section, which is accessible if your click Roles on the left hand side, shows the SSP default role called DevOps.
The DevOps role includes the following permissions listed by Action type:
Create Role
Simply click Create Role in the roles view and the create role wizard will appear. Provide the following information before you hit Save to create the role:
- Role Name
- Description
- Permissions which includes the following VM available actions:
- Create
- Console
- Delete
- Power
- Update
In my case i need two different roles:
- Role-DevA which can take any VM related action and this role will be assigned to Project DevA. This role is created with the following configuration:
- Role-DevB which can take any VM related action apart from creating a new VM. This means all VMs needs to be created by either Nutanix PRISM or SSP administrators and assigned to the project. This role is created with the following configuration:
There is an option to create a role without selecting any permissions and that role will include the following View permissions by default.
Assign Role To A Project
Both below procedures will take you to the same screen.
- Go to the Projects view -> click the Project Name -> click Update Project button in the top right corner
- Go to Projects view -> click the check box next to the project and select Update form the Actions drop down list to update your project.
Scroll down to Role Type and select the new role for your Project.
The Roles section looks like the following after my Role assignments.
Access Your Role
Access each role by just clicking on the name and it will give you 3 different views:
- Summary which will give you a summary of:
- Project that will list Projects using the role
- Users that will list any user in any project assigned to the role
Update & Delete Roles
You can easily Update or Delete your role by clicking the check box next to the role name and select Update or Delete via the Actions drop down list.
Any role apart from the default DevOps can be Deleted or Updated by just clicking the check box next to the role name and use the actions available from the drop down box. Note that you cannot delete the default DevOps Role or any other role currently in use (assign to a project).
The Update Role option will bring up the same screen as the initial role configuration screen. Perform the necessary changes and click Save
The Delete option will bring up a confirmation screen that you want to Delete the Role. Just click OK and you’re done.