Managing Accounts, Roles, and Permissions
On this page, we will discuss how to manage accounts, assign roles, and set permissions to allow or deny access to different sets of event broker services.
The PubSub+ Cloud user management system has the following components:
- Users: Add, edit, and delete users. Manage the actions users perform by assigning them roles and controlling user activity through permissions.
- Roles: Users can have different roles—Administrator, Cluster Manager Editor, Cluster Manager Viewer, and Billing Administrator—in separate accounts
- Permissions: Provide your users with different access and permissions.
Your organization may have different subscriptions for different purposes; for example, production, development, quality assurance, and so on. You can add users to one or more environments. This mechanism also allows you to segregate your user bases, such as separating contractors, sales engineers, and different professional services groups.
Let's first understand the different Roles and Permissions you can use to manage access for other users within your organization. We will then look at some of the tasks you can perform through the User Management system in the console.
Roles and permissions provide different levels of access to users based on the task they perform. You can assign users one or more roles, and have different permissions associated with each role. For example, you can assign a user with the Cluster Manager Editor role and deny access to Event Portal. Likewise, another user can be a Cluster Manager Viewer and have access to Event Portal as an Editor.
The following are the roles in PubSub+ Cloud:
Administrator: Can create, manage and delete users and services, and grant or deny access to Event Portal
Cluster Manager Editor: Can create and delete their own services, and view services owned by others. Cluster Manager editors can also be granted access to Event Portal as an editor or a viewer.
Cluster Manager Viewer: Can view service details, but cannot edit or delete any service. Cluster Manager Viewer can also be granted access to Event Portal as an editor or a viewer.
Billing Administrator: Can view and configure billing settings.
Event Portal Editor: Can view, create and modify Event Portal architectures.
Event Portal Viewer: Can view Event Portal architectures.
As an account administrator, you can edit and manage roles and permissions through the User Management interface. Refer to Editing Roles and Permissions to learn how you can assign roles and set permissions.
User management in PubSub+ Cloud enterprise account involves a wide range of functionality, such as adding and deleting users, managing user roles, and controlling user activity through permissions. The user management dashboard provides account administrators with a high-level view of the user, roles, permissions, and the services they own.
In the next few topics, we walk your thought some of the user management tasks such as adding new users, deleting users, and editing roles and permissions. You can also perform these tasks using the PubSub+ REST API. For instructions, see Managing Users with the PubSub+ Cloud REST API.
In the following tutorial, we walk you through the steps to add a new user to an account.
To add a new user to an account, do the following:
- Navigate to the Account Details section.
- Select User Management, and click the Invite User button.
- Fill the Email Address field.
- Optionally, you can also change the default User Roles setting. For more information on this, see Editing Roles and Permissions.
- Click Send Invitation.
The user will receive a confirmation email with an account activation link.
Once you've added a new user to an account, the account status will show as Pending Activation until the user clicks the account activation link in the email. As a reminder, you can resend the account activation email.
To resend the account activation email, click the Re-send Invitation Email link and follow the prompt.
As an account administrator, you can edit the roles and permissions of any user at any point. You can edit the default settings when adding a new user or edit the roles and permissions of an existing user.
To edit the roles and permissions, do the following.
- Navigation to Account Details > User Management.
- Identify the user whose roles you want edit. You can use the search field to quickly find the user's account.
- Click the edit user icon.
- On the dialog that appears, update the roles and permission as required.
- Click Save.
Account administrators can delete any user from an account. To delete a user from an account, do the following:
- Navigate to the Account Details > User Management
- Find the user you want to delete from the account.
- Click the delete icon.
- If the user owns any service, reassign the service to yourself or another user.
- Click Confirm.
The user will be permanently deleted from the account. You can always add the user back.