Resource Access Control
Users who are not contract owners or administrators need access rights to view, use, or edit resources in a VDC. These access rights are assigned to groups and are inherited by group members.
Users can access a resource with the following access rights:
- Read: Users can see and use the resource, but they cannot modify it. Read access is automatically granted as soon as a user is assigned to a group that has this access right.
- Edit: Users can modify and delete the resource.
- Share: Users can share a resource, including their access rights, with the groups to which they belong.
A user who created a resource is the owner of that resource and can specify its access rights.
The owner is shown in the Security tab of a resource.
In addition to enabling access to resource, for users of authorized groups only, data centers and snapshots can be protected even further by restricting access to users who have 2-factor authentication activated. Other users cannot see or select these resources - even if they belong to an authorized group.
Depending on their role, users can set access rights at the resource level and in the User Manager.
Prerequisites: Make sure that you have the appropriate permissions. Only contract owners, administrators, or users with access rights permission can share the required resource. Other user types have read-only access and cannot provision changes.
- 1.Select the required resource
- 2.Open the data center:
- Images: Menu Bar > Resource Manager > Image Manager > Image.
- Snapshots: Menu Bar > Resource Manager > Image Manager > Snapshot.
- IP addresses: Menu Bar > Resource Manager > IP Manager.
- Kubernetes Cluster: Menu Bar > Resource Manager > Kubernetes Manager.
3. Select the required resource
4. Open Security > Visible to Groups
5. Enable access:
- From the + Add Group menu, select the required groups. Read access is granted. Users can see and use, but not modify the resource.
- (Optional) Select further permissions (Edit, Share). You may only share permissions that you have yourself.
6. Restrict or disable access:
- Select the required group
- Deactivate the checkbox of the permission
Read access is retained.
Alternatively, you can click Remove Group. Access will be disabled for all members of the selected group.
Optional: To protect the resource (data center, snapshots) more thoroughly by only allowing access to users whose login is secured with 2-factor authentication, activate the 2-Factor Protected check box.
Contract owners and administrators can also define in the User Manager who may access a resource to what extent.
Prerequisites: Make sure you have the appropriate permissions. Only contract owners and administrators can set the access rights.
Set the access rights in the User Manager
- 1.Go to Menu Bar > Management > Users & Groups. That is when the User Manager is displayed.
- 2.In the Resources, select the required resource.
- 3.Open the Visible to Groups.
- 4.Enable access
- From the + Add Group list, add the required groups.
- (Optional) To enable write access or sharing of a resource, activate the relevant check box.
5. Disable access: deactivate the checkbox of the permission or click Remove Group.
Optional: To protect the resource (data center, snapshots) more thoroughly by only allowing access to users whose login is secured with 2-factor authentication, activate the 2-Factor Protected check box.
Assigning resources to a group
- 1.In the Groups, select the required group.
- 2.Open the Resources of Group.
- 3.To enable access:
- Select the required resource by clicking on + Grant Access. This enables read access to the selected resource.
- (Optional) To enable write access or sharing of a resource, activate the respective check box.
4. To disable access:
- Select the required resource.
- Deactivate the check box of the appropriate permission or click on Revoke Access.
Last modified 2mo ago