Resource groups
For the first iteration of the RBAC implementation, the only asset that is managed and can be assigned to users is the Resource Groups.
So the basic steps for managing and assigning Resource Groups are described below:
- The
adminuser creates resource groups in the respective cluster control panels. - The
adminuser creates users and roles in the SIM. - The
adminuser allocates a resource group to a specific role. - The
normaluser assigned with that role has access to that specific resource group.
In order to allocate a resource group to a role, the admin user should navigate to Infrastructure -> Resource Groups :
From the resource groups that are visible, the admin user can choose the one to allocate to specific user by selecting Assign RG to role through the actions gear icon, as presented below:
Choose a specific role from the drop-down menu:
and click Yes, Assign!.
Now as soon as any user, that belongs to that role, logs in, they should be able to see and use the allocated resource group.
To that effect, the users should also be able to create VMs, directly through the SIM.
Equally, the admin user, can remove an allocated resource group from a role if necessary, thus removing access from all role users to that resource group.
