For the first iteration of the RBAC implementation, the only asset that is managed and can be assigned to users is the
So the basic steps for managing and assigning Resource Groups are described below:
adminuser creates resource groups in the respective cluster control panels.
adminuser creates users and roles in the SIM.
adminuser allocates a resource group to a specific role.
normaluser assigned with that role has access to that specific resource group.
In order to allocate a resource group to a role, the
admin user should navigate to
Resource Groups :
From the resource groups that are visible, the
admin user can choose the one to allocate to specific user by selecting
Assign RG to role through the actions gear icon, as presented below:
Choose a specific role from the drop-down menu:
Now as soon as any user, that belongs to that role, logs in, they should be able to see and use the allocated resource group.
To that effect, the users should also be able to create VMs, directly through the SIM.
admin user, can remove an allocated resource group from a role if necessary, thus removing access from all role users to that resource group.