9.2 Cloud Manager Roles
A user must have one or more Cloud Manager roles in order to do anything in Cloud Manager. There are nine Cloud Manager roles. All nine roles can be given to System users, while only four of the roles can be given to Organization members. Each role carries its own set of rights and responsibilities for the Cloud Manager system or for an organization within the system.
9.2.1 Descriptions
There are eleven roles that you can hold as a System user. Each role carries its own set of responsibilities for the Cloud Manager system or for an organization within the system.
-
Cloud Administrator: Has full rights to the Cloud Manager system. Can perform all tasks in the system
-
Zone Administrator: Has rights to manage the resources for one or more assigned zones. Only System users can be Zone Administrators.
-
Catalog Manager: Has rights to create, modify, and delete workload templates. Workload templates must be assigned to organizations by the Cloud Administrator.
-
Approver: Has rights to approve or deny a business service request based on available zone and organization resource capacity.
-
Build Administrator: Has rights to complete pre-build and post-build configuration for workloads in requested business services.
-
Business Group Viewer: Has rights to view business services for a business group.
-
Business Service Owner: Has rights to create, modify, and delete business services for an organization or for specific business groups within an organization.
-
Organization Manager: Has rights to manage users, roles, resource assignments, and business services within an assigned organization. Both System users and Organization users can be Organization Managers. System users can be assigned as Organization Managers in multiple organizations. Organization users can be assigned as Organization Managers only in their own organization.
-
Sales Manager: Has rights to view users, roles, resource assignments, and business services within an assigned organization. Both System users and Organization users can be Sales Managers. System users can be assigned as Sales Managers in multiple organizations. Organization users can be assigned as Sales Managers only in their own organization. Can create quotes for an organization in Cloud Marketplace.
-
Sponsor: Has rights to approve or deny a business service request based on financial reasons.
-
System Viewer: Has rights to view anything in the Cloud Manager system, but cannot perform any tasks. Only System users can be System Viewers.
The following five roles are Organization roles. Both Organization users and System users can be assigned these roles.
-
Business Group Viewer: Has rights to view business services for a business group.
-
Business Service Owner: Has rights to create, modify, and delete business services for an organization or for specific business groups within an organization.
-
Organization Manager: Has rights to manage users, role assignments, resource assignments, and business services within an assigned organization. System users can be assigned as Organization Managers in multiple organizations. Organization users can be assigned as Organization Managers only in their own organization.
-
Sales Manager: Has rights to view users, roles, resource assignments, and business services within an assigned organization. Both System users and Organization users can be Sales Managers. System users can be assigned as Sales Managers in multiple organizations. Organization users can be assigned as Sales Managers only in their own organization. Can create quotes for an organization in Cloud Marketplace.
-
Sponsor: Has rights to approve or deny a business service request based on financial reasons.
9.2.2 Rights
Table 9-1 System Management
|
System Management Rights |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
USERS |
|
|
|
|
|
|
|
|
|
|
|
|
Create System user accounts and user groups, either manually or by importing from an LDAP directory |
|
|
|
|
|
|
|
|
|
|
|
|
Modify System user and user group properties (e-mail, phone number, and so forth) |
|
|
|
|
|
|
|
|
|
|
|
|
ROLES |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Cloud Administrator role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Zone Administrator role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Catalog Manager role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Build Administrator role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Approver role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign System Viewer role |
|
|
|
|
|
|
|
|
|
|
|
|
CAPACITY & REPORTS |
|
|
|
|
|
|
|
|
|
|
|
|
View resource capacity for system |
|
|
|
|
|
|
|
|
|
|
|
|
Generate resource capacity reports for system |
|
|
|
|
|
|
|
|
|
|
|
Table 9-2 Zone Management
|
Zone Management Rights |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
Assign Zone Administrator role |
|
|
|
|
|
|
|
|
|
|
|
|
Create, modify, and delete zones |
|
|
|
|
|
|
|
|
|
|
|
|
Create, modify, and delete resource groups for zones |
|
|
|
|
|
|
|
|
|
|
|
|
View resource capacity for zones |
|
|
|
|
|
|
|
|
|
|
|
|
Generate resource capacity reports for zones |
|
|
|
|
|
|
|
|
|
|
|
Table 9-3 Organization Management
|
Organization Management Rights |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
USERS |
|
|
|
|
|
|
|
|
|
|
|
|
Create Organization user accounts and user groups, either manually or by importing from an LDAP directory |
|
|
|
|
|
|
|
|
|
|
|
|
Modify Organization user and user group properties (e-mail, phone number, etc.) |
|
|
|
|
|
|
|
|
|
|
|
|
ROLES |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Organization Manager role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Sponsor role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Business Group View role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Business Service Owner role |
|
|
|
|
|
|
|
|
|
|
|
|
Assign Sales Manager role |
|
|
|
|
|
|
|
|
|
|
|
|
ORGANIZATIONS |
|
|
|
|
|
|
|
|
|
|
|
|
Create modify, and delete organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Assign a cost factor (discount or markup) to organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Assign resource groups to organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Assign workload templates to organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Assign networks to organizations |
|
|
|
|
|
|
|
|
|
|
|
|
BUSINESS GROUPS |
|
|
|
|
|
|
|
|
|
|
|
|
Create modify, and delete business groups |
|
|
|
|
|
|
|
|
|
|
|
|
Assign workload templates from an organization to its business groups |
|
|
|
|
|
|
|
|
|
|
|
|
Assign resource groups from an organization to its business groups |
|
|
|
|
|
|
|
|
|
|
|
|
Assign networks from an organization to its business groups |
|
|
|
|
|
|
|
|
|
|
|
|
View information and business services for business groups |
|
|
|
|
|
|
|
|
|
|
|
|
CAPACITY & REPORTS |
|
|
|
|
|
|
|
|
|
|
|
|
View resource capacity for organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Generate resource capacity reports for organizations |
|
|
|
|
|
|
|
|
|
|
|
* Applies only to an Organization Manager who is a System user. An Organization Manager who is a member of the organization cannot change the cost factor for the organization.
Table 9-4 Resource Management
|
Resource Management Rights |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
RESOURCE GROUPS |
|
|
|
|
|
|
|
|
|
|
|
|
Create, modify, and delete resource groups |
|
|
|
|
|
|
|
|
|
|
|
|
Assign resource groups to organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Assign resource groups to an organization’s business groups |
|
|
|
|
|
|
|
|
|
|
|
|
SERVICE LEVELS |
|
|
|
|
|
|
|
|
|
|
|
|
Create modify, and delete service levels |
|
|
|
|
|
|
|
|
|
|
|
|
Create modify, and delete service level objectives |
|
|
|
|
|
|
|
|
|
|
|
|
Assign resource costs to service levels |
|
|
|
|
|
|
|
|
|
|
|
|
Assign service levels to resource groups |
|
|
|
|
|
|
|
|
|
|
|
|
CAPACITY & REPORTS |
|
|
|
|
|
|
|
|
|
|
|
|
View resource capacity for organizations |
|
|
|
|
|
|
|
|
|
|
|
|
View resource capacity for zones |
|
|
|
|
|
|
|
|
|
|
|
|
View resource capacity for the system |
|
|
|
|
|
|
|
|
|
|
|
|
Generate resource capacity reports for organizations |
|
|
|
|
|
|
|
|
|
|
|
|
Generate resource capacity reports for zones |
|
|
|
|
|
|
|
|
|
|
|
|
Generate resource capacity reports for the system |
|
|
|
|
|
|
|
|
|
|
|
Table 9-5 Catalog Management
|
Catalog Management Rights |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
Assign Catalog Managers |
|
|
|
|
|
|
|
|
|
|
|
|
Create, modify, and delete workload templates |
|
|
|
|
|
|
|
|
|
|
|
|
Assign workload templates to organizations |
|
|
|
|
|
|
|
|
|
|
|
Table 9-6 Business Service Management
|
Business Service Management Rights |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
Import existing VMs as business services |
|
|
|
|
|
|
|
|
|
|
|
|
Request new business services |
|
|
|
|
|
|
|
|
|
|
|
|
Request changes to existing business services |
|
|
|
|
|
|
|
|
|
|
|
|
Provide Administrator approval or rejection of business service requests (new and change) |
|
|
|
|
|
|
|
|
|
|
|
|
Provide Sponsor approval or rejection of business service requests (new and change) |
|
|
|
|
|
|
|
|
|
|
|
|
Complete pre- and post-build workload configuration tasks for business service requests (new and change) |
|
|
|
|
|
|
|
|
|
|
|
|
Delegate business service ownership to other users |
|
|
|
|
|
|
|
|
|
|
|
|
Lifecycle business service workloads |
|
|
|
|
|
|
|
|
|
|
|
|
Remotely access business service workloads |
|
|
|
|
|
|
|
|
|
|
|
|
View business services |
|
|
|
|
|
|
|
|
|
|
|
|
Delete business services |
|
|
|
|
|
|
|
|
|
|
|