Managing User Access to Event Portal
The level of access you have to the features and resources in Event Portal depends on the role you're assigned in Solace Cloud and the permissions granted to that role. Roles can be assigned directly to users or
- Administrators
- Solace Cloud users with the Administrator role have full access to all Solace Cloud capabilities. Administrators can assign users any role in Solace Cloud. In Event Portal, Administrators have the same access as Event Portal Managers.
- Event Portal Managers
- Solace Cloud users with the Event Portal Manager role have full access to all Event Portal capabilities. They also have full access to all application domains and to modeled event meshes in all environments.
- Event Portal Users
- Solace Cloud users with the Event Portal User role have limited access and viewing capabilities. They can't open an application domain or modeled event mesh unless they are granted access to the application domain or to the environment containing the modeled event mesh by someone with Manager level access. The following access levels can be granted to users and user groups with the Event Portal User role:
- Application Domain Viewer
- Event Portal Users with Application Domain Viewer access to an application domain can perform these functions:
- view the objects in the application domain
- download the AsyncAPI document for applications and event APIs in the application domain
- Application Domain Editor
Event Portal Users with Application Domain Editor access to an application domain perform the same functions as users with Viewer access. They can also create, update, and delete objects in the application domain.
Event Portal Users with Application Domain Editor access can promote applications to a modeled event mesh if they have they also have access to the environment containing the modeled event mesh.
- Application Domain Editors with EP Runtime Viewer access to the environment can request approval to promote an application to a Solace modeled event mesh.
- Application Domain Editors with EP Runtime Editor or EP Runtime Approver access to the environment can promote an application to a modeled event mesh without getting additional approval.
- Application Domain Manager
- Event Portal Users with Manager access to an application domain can perform the same functions as users with Application Domain Editor access. They can also perform these functions:
- change an object's version state
- modify the application domain information, including name, description, and topic domains
- add and delete custom attributes in the application domain
- give users with the Event Portal User role access to the application domain
- give users with the Event Portal User role Event Access Approver access for the application domain
- Event Access Approver
- Event Portal Users with Event Access Approver access to an application domain can approve and decline event access requests. They can also perform the same functions as users with Application Domain Viewer access.
- EP Runtime Viewer
- Event Portal Users with EP Runtime Viewer access to an environment can use Runtime Event Manager to view the objects in all modeled event meshes that are part of the environment. To open objects in Designer from the modeled event mesh, Event Portal Users must also have Application Domain Viewer access for the application domain.
- Users with EP Runtime Viewer access can request application promotion (including application updates and removals) to Solace modeled event meshes in an environment, provided that they also have at least Application Domain Editor access to the application domain containing the application. The promotion must be approved by an Administrator, Event Portal Manager, or a user with EP Runtime Approver access to the environment. For more information, see Reviewing Promotions to Event Brokers.
- EP Runtime Viewers cannot promote applications to Kafka modeled event meshes.
- EP Runtime Editor
- Event Portal Users with EP Runtime Editor access to an environment can perform the same functions as users with EP Runtime Viewer access. They can also perform these functions:
- promote applications (including application updates and removals) to the environment without requiring approval, provided that they also have at least Application Domain Editor access to the application domain containing the application.
- rearrange the graph layout
- EP Runtime Approver
- Event Portal Users with EP Runtime Approver access to an environment can perform the same functions as users with EP Runtime Editor access. They can also approve application promotion requests to Solace modeled event meshes from other users.
For more information about setting application domain access for Event Portal Users, see Providing User Access to an Application Domain.
For more information about setting environment access for Event Portal Users, see Setting User Access to Environments.
The following table explains the scope of each role and access level:
| Role | Administrator | Event Portal Manager | Event Portal User without additional access |
|---|---|---|---|
|
Assign Event Portal Manager and Event Portal User roles |
|
|
|
|
View Solace Cloud users and roles |
|
|
|
|
Assign application domain and environment access to users with the Event Portal User role |
|
|
|
|
Designer access |
|
|
|
|
Create and delete custom attributes |
|
|
|
|
Export and import application domains |
|
|
|
|
Enable deletion protection for application domains |
|
|
|
|
Runtime Event Manager access |
|
|
Limited access1 |
|
Open modeled event meshes |
|
|
|
|
Create and manage configuration templates |
|
|
|
|
Promote applications to environments |
|
|
|
|
Approve application promotion requests |
|
|
|
|
Catalog access |
|
|
Limited access2 |
|
KPI Dashboard access |
|
|
Limited access2 |
- No access to the Event Management Agent tab.
- Information displayed is limited to application domains with at least Viewer level access, shared events, and shared schemas .
The following table explains the scope of the access levels for Event Portal Users:
| Role | Event Portal User with Application Domain Manager Access | Event Portal User with Application Domain Editor | Event Portal User with Application Domain Viewer Access | Event Portal User with Event Access Approver Access | Event Portal User with EP Runtime ApproverAccess | Event Portal User with EP Runtime Editor Access | Event Portal User with EP Runtime Viewer Access |
|---|---|---|---|---|---|---|---|
| Scope of Operation | Application Domain | Modeled Event Mesh | |||||
|
Assign application domain access to users with the Event Portal User role |
|
|
|
|
|
|
|
|
Designer access |
|
|
|
|
|
|
|
|
Open application domains |
|
|
|
|
|
|
|
|
Add, edit, and delete objects in application domains |
|
|
|
|
|
|
|
|
Update application domain attributes |
|
|
|
|
|
|
|
|
Create and delete custom attributes |
Limited access1 |
|
|
|
|
|
|
|
Runtime Event Manager access |
Limited access2 |
Limited access2 |
Limited access2 |
Limited access2 |
Limited access2 |
Limited access2 |
Limited access2 |
|
Open modeled event meshes |
|
|
|
|
|
|
|
|
Promote applications to modeled event meshes without approval 3 |
 3 |
3 |
|
|
|
|
4 |
|
Request application promotion |
3
|
3
|
|
|
|
|
4
|
|
Approve or deny application promotion requests |
|
|
|
|
|
|
|
|
Approve or decline event access requests |
|
|
|
|
|
|
|
|
Create event access requests |
|
|
|
|
|
|
|
|
View event access requests |
|
|
|
|
|
|
|
- Custom attributes for individual application domains only. Event Portal Users with Manager level access can't create and delete custom attributes that apply to all application domains.
- No access to Event Management Agents or configuration templates.
- Event Portal Users must have at least EP Runtime Editor access to the environment containing the modeled event mesh and at least Application Domain Editor access to the application domain to promote applications to the modeled event mesh without requesting approval.
- Event Portal Users with EP Runtime Viewer access to an environment and at least Application Domain Editor access to the application domain can request application promotion to a Solace modeled event mesh in the environment. They cannot promote applications to Kafka modeled event meshes.