Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 56 Next »


Overview

In the Armor Management Portal (AMP)roles are similar to job titles that you can create and assign to your users. After you create a role, you can populate that role with specific permissions. For example, you can create a Billing role, and then you can add specific permissions that will give the assigned user permission to access billing-related permissions, such as Update Payment Information

To learn more about Roles and Permissions, see Roles and Permissions.

By default, a new administrator account contains an Admin role with all the available permissions selected.   

When you create a new user account, you must assign that user a role. Armor recommends that you create a default role that you can assign to a customer in order to complete the account-creation process.

Some popular roles to consider are Administrator, Audit, Billing, and Technical. 

To learn more about Roles and Permissions, see Roles and Permissions.



Create a role and add permissions

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Click the plus ( + ) icon. 
  4. In the top, right corner of the screen, hover over the gear icon. 
  5. Click the blue pencil (Rename) icon.
  6. In the window that appears, enter a descriptive name, and then click Rename Role.
  7. In the top menu, click Members
  8. In the field, enter and select the user (or users) to assign to the role. 
  9. In the top menu, click Permissions
  10. Mark the permissions to add to your role. 
  11. At the bottom of the screen, click Save Role
 


Assign a role to an existing user account

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Locate and select the desired role. 
  4. Under the name of the role, click Members
  5. Click Edit Members
  6. Select and drag the desired user to the Chosen column. 
  7. Click the X at the top, right corner.  

Update a permission for a role 

Remember, when you update the permissions for a role, the users assigned to that role will automatically be able to use the newly added permissions.


  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Locate and select the desired role. 
  4. Select or deselect the desired permissions. 
  5. Click Save Role

Remove a role for a newly created or existing user

After you create a user account with an assigned role, the new user will receive an email to complete the login process. During this time, the account administrator has limited access to that user account; however, the account administrator can still update roles and permissions for the new user. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. In the search bar, enter the name of the newly created user, and then hit Enter. The table shows a list of roles associated with that user. 
  4. Locate and select the desired role. 
  5. Under the name of the role, click Members
  6. Click Edit Members
  7. Select and drag the desired user to the Chosen column. 
  8. Click the X at the top, right corner. 

Review available permissions

Review the following table to understand the permissions available for you to add to your Roles


Specific permissionDescriptionSuggested role
Read Orders

View account resources.

Technical, Billing
Write OrdersAdd additional account resources.Billing
Read Endpoint(s)

Write Endpoint(s)

Read Subscriber Key(s)

Write Subscriber Key(s)

Read Subscriber(s)

Write Subscriber(s)

Read IdentityView account information.Technical, Billing,
Write IdentityUpdate account information.Technical, Billing
Read Entity MetadataView notes and tags throughout the portalTechnical, Billing
Write Entity MetadataUpdate notes and tags throughout the portalTechnical, Billing
Read FirewallView account firewall rulesTechnical, Billing
Write FirewallAdd and edit account firewall rulesTechnical
Read Network IPView account IP allocations and assignments.Technical, Billing
Write Network IPAdd, Update, and remove IP assignments throughout the account.Technical
Read Network L2LView L2L network tunnelsTechnical, Billing
Write Network L2LAdd, Update, and remove L2L tunnelsTechnical
Read Network NatView DNAT assignments per VM.Technical, Billing
Write Network NatAdd and remove DNAT assignments.Technical
Read Network BandwidthView network transfer history.Technical, Billing
Read Notification(s)View account notifications.Technical, Billing
Read Ticket(s)View account tickets.Technical, Billing
Write Ticket(s)Create and update tickets, related servers, and recipients.Technical, Billing
Read Workload(s)View account workloads.Technical, Billing
Write WorkloadCreate, update, and remove account workloads.Technical
Read Location(s)Discover locations available for the account.Technical, Billing
Read MonitoringView account resources.Technical, Billing
Read AutoScaleView autoscale settings for workloads and VMs.
Write AutoScaleSet autoscale settings for workloads and VMs.
Read Virtual Machine StatsView graph data for VMs.Technical, Billing
Read StorageView disk and storage information for the account.Technical, Billing
Read Virtual Machine(s)View VM details.Technical, Billing
Write Virtual MachineCreate, update, and remove account VMs.Technical
Read Template(s)View template details.Technical, Billing
Write TemplateCreate, update, and remove account templates.Technical
Read Virtual Data CentersView account virtual data center details.
Write Virtual Data CentersCreate, edit, and remove account virtual data centers.
Read Connections

Write Connections

Write Secret

Read FIMView file integrity detailsTechnical, Billing
Read AVAMView antivirus and anti-malware (malware protection) detailsTechnical, Billing
Read Dashboard StatisticsView main security dashboardTechnical, Billing
Read OS PackagesView OS patching detailsTechnical, Billing
Read SSL VPN Devices and UsersView SSLVPN account users and detailsTechnical, Billing
Write SSL VPN Devices and UsersEnable SSLVPN for accoutn usersTechnical
Update Personal IdentityUpdate Personal IdentityTechnical, Billing
View Core LicenseView Core License InformationTechnical, Billing
Update Payment InformationView/Create/Edit/Delete Payment InformationBilling
Write OrdersAdd additional account resources
Update Customer PasswordsUpdate another user's password
Read AutoscaleView autoscale settings for workloads and VMs.
Read Storage
View disk and storage information for the account.

View SubscriptionsView Marketplace subscriptions
Read TasksView task information
Write TasksUpdate task information
NEW View InvoicesView Invoices
Read LogManagementView Log Management information
Read LogSearchView Log Search information
Write AccountUpdate account information
Read Product CatalogRead Product Catalog
Global SearchPerform Global Search
Write SubscriptionsWrite Subscriptions
Scale Virtual MachineScale up and down account VMs

               Read Network Bandwidth            Network              Network

               Read Identity     Identity Accounts

               Read Workload(s)            Vpc        App

               Write Workload               Vpc        App

               Update Payment Information     Account               Billing

               Read Compliance             Compliance         Compliance

               Write Compliance            Compliance         Compliance

               Read AVAM        Core      Connection

               Read Dashboard Statistics            Core      Connection

               Read FIM            Core      Connection

               Read Connections            Account               Connections

               Write Connectors            Account               Connectors

               Read Firewall     Network              Firewall

               Write Firewall    Network              Firewall

               Update Personal Identity              Identity Identity

               View Invoices     Billing    Invoices

               Read Network IP              Network              Ip

               Write Network IP             Network              Ip

               Read Network L2L           Network              L 2 L

               Write Network L2L          Network              L 2 L

               View Core License           Core      Licensing

               Read Location(s)              Vpc        Location

               Read LogManagement   Core      Logs

               Read LogSearch                Core      Logs

               Write LogManagement Core      Logs

               Read Monitoring              Vpc        Monitoring

               Read Network Nat           Network              Nat

               Write Network Nat          Network              Nat

               Write Account   Identity Accounts

               Read Entity Metadata    Meta     Note

               Write Entity Metadata   Meta     Note

               Read Notification(s)        Notification        Notifications

               Read Orders       Account               Orders

               Write Orders      Account               Orders

               Read OS Packages           Core      Package

               Read Product Catalog     Billing    Products

               Update Customer Passwords      Identity Roles

               Write Identity    Identity Roles

               Global Search    Search   Search

               Write Secret       Account               Secret

               Read Endpoint(s)             Armor    Securityendpoints

               Read SSL VPN Devices and Users               Network              Sslvpn

               Write SSL VPN Devices and Users              Network              Sslvpn

               Read Virtual Machine Stats          Vpc        Stats

               Read Storage     Vpc        Storage

               View Subscriptions          Billing    Subscriptions

               Write Subscriptions        Billing    Subscriptions

               Read Tasks          Meta     Task

               Write Tasks        Meta     Task

               Read Template(s)            Vpc        Template

               Write Template                Vpc        Template

               Read Ticket(s)    Ticket    Tickets

               Write Ticket(s)   Ticket    Tickets

               Read Virtual Machine(s)               Vpc        Vms

               Scale Virtual Machine     Vpc        Vms

               Write Virtual Machine    Vpc        Vms

               View Vulnerability Scans               Core      Vulnerabilityscanning




In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.