Set User Privileges
Only contract owners, administrators, and users with valid access rights can view, use, or edit resources in a VDC. These access rights are assigned to groups and are inherited by group members.
Set access rights and ownership
A resource creator, by default, is the owner of the resource and can specify access rights to it. The Security tab of the respective resource displays its ownership details. The following table displays the access rights necessary to access and use a resource:
Access rights
Users can
Read
view and use the resource, but they cannot modify it. Read access is automatically granted as soon as a user is assigned to a group that has this access right.
Edit
modify and delete the resource.
Share
share a resource, including their access rights, with the groups to which they belong.
Set restrictions using 2-factor authentication
In addition to enabling access to a resource, you can also activate the 2-factor authentication for your data centers and snapshots. Only users authorized with the 2-factor authentication can access the data centers and snapshots and unauthorized users cannot view or access the resources, even if they belong to an authorized group.
Depending on their role, users can set access rights at the resource level and via the User Manager.
Manage access rights at the resource level
Prerequisites: Only contract owners, administrators, or users with relevant access rights can share the required resource. Other user types have read-only access and cannot provision changes.
To manage access rights at the resource level, follow these steps:
Log in to the DCD with your username and password.
Open the data center:
Images: Menu > Resource Manager > Image Manager > Image.
Snapshots: Menu > Resource Manager > Image Manager > Snapshot.
IP addresses: Menu > Resource Manager > IP Manager.
Kubernetes Cluster: Menu > Resource Manager > Kubernetes Manager.
Select the required resource in the Resources tab.
Select Security > Visible to Groups.
From the + Add Group drop-down list, select the required groups to enable access.
Select Read to allow users to see and use the resource. However, they cannot modify the respective resource.
(Optional) Select further permissions (Edit, Share). You may only share those permissions that you have.
Note:
To restrict or disable access, you can clear the respective checkbox or click Remove Group. Remember that, clicking Remove Group disables access for all members of the selected group.
(Optional) To protect a resource (data center, snapshots) more thoroughly by only allowing access to users whose login is secured with a 2-factor authentication, select the 2-Factor Protected checkbox.
Set access rights via the User Manager
Contract owners and administrators can set the access rights and also limit who else can access a resource by defining its permissions in the User Manager.
To set access rights via the User Manager, follow these steps:
Log in to the DCD with your username and password.
Go to the Menu > Management > Users & Groups.
Select the required resource in the Resources tab.
Select the Visible to Groups tab.
From the + Add Group list, add the required groups to enable access.
(Optional) Select Edit to enable write access or Share to enable resource sharing.
Note:
To revoke the permission, you can clear the respective checkbox or click Remove Group. Remember that, clicking Remove Group disables access for all members of the selected group.
(Optional) To protect a resource (data center, snapshots) more thoroughly by only allowing access to users whose login is secured with a 2-factor authentication, select the 2-Factor Protected checkbox.
Assigning resources to a group
To assign resources to a group, follow these steps:
Log in to the DCD with your username and password.
Go to the Menu > Management > Users & Groups.
Select the required group in the Groups tab.
Select the Resources of Group tab.
Select the required resource by clicking on + Grant Access. This enables read access to the selected resource.
(Optional) Select Edit to enable write access or Share to enable resource sharing.
Note: To disable access, you can clear the respective checkbox or click Revoke Access.
For more information about creating and managing the groups, see Manage User Access.
Last updated