Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 63 Next »


Overview

In the Armor Management Portal (AMP)roles are similar to job titles that you can create and assign to your users. After you create a role, you can populate that role with specific permissions. For example, you can create a Billing role, and then you can add specific permissions that will give the assigned user permission to access billing-related permissions, such as Update Payment Information

To learn more about Roles and Permissions, see Roles and Permissions.

By default, a new administrator account contains an Admin role with all the available permissions selected.   

When you create a new user account, you must assign that user a role. Armor recommends that you create a default role that you can assign to a customer in order to complete the account-creation process.

Some popular roles to consider are Administrator, Audit, Billing, and Technical. 

To learn more about Roles and Permissions, see Roles and Permissions.



Create a role and add permissions

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Click the plus ( + ) icon. 
  4. In the top, right corner of the screen, hover over the gear icon. 
  5. Click the blue pencil (Rename) icon.
  6. In the window that appears, enter a descriptive name, and then click Rename Role.
  7. In the top menu, click Members
  8. In the field, enter and select the user (or users) to assign to the role. 
  9. In the top menu, click Permissions
  10. Mark the permissions to add to your role. 
  11. At the bottom of the screen, click Save Role
 


Assign a role to an existing user account

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Locate and select the desired role. 
  4. Under the name of the role, click Members
  5. Click Edit Members
  6. Select and drag the desired user to the Chosen column. 
  7. Click the X at the top, right corner.  

Update a permission for a role 

Remember, when you update the permissions for a role, the users assigned to that role will automatically be able to use the newly added permissions.


  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Locate and select the desired role. 
  4. Select or deselect the desired permissions. 
  5. Click Save Role

Remove a role for a newly created or existing user

After you create a user account with an assigned role, the new user will receive an email to complete the login process. During this time, the account administrator has limited access to that user account; however, the account administrator can still update roles and permissions for the new user. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. In the search bar, enter the name of the newly created user, and then hit Enter. The table shows a list of roles associated with that user. 
  4. Locate and select the desired role. 
  5. Under the name of the role, click Members
  6. Click Edit Members
  7. Select and drag the desired user to the Chosen column. 
  8. Click the X at the top, right corner. 

Review available permissions

Review the following table to understand the permissions available for you to add to your Roles


Specific permissionDescriptionSuggested role
Read Orders

View account resources.

Technical, Billing
Write OrdersAdd additional account resources.Billing
Read Endpoint(s)

Write Endpoint(s)

Read Subscriber Key(s)

Write Subscriber Key(s)

Read Subscriber(s)

Write Subscriber(s)

Read IdentityView account information.Technical, Billing,
Write IdentityUpdate account information.Technical, Billing
Read Entity MetadataView notes and tags throughout the portalTechnical, Billing
Write Entity MetadataUpdate notes and tags throughout the portalTechnical, Billing
Read FirewallView account firewall rulesTechnical, Billing
Write FirewallAdd and edit account firewall rulesTechnical
Read Network IPView account IP allocations and assignments.Technical, Billing
Write Network IPAdd, Update, and remove IP assignments throughout the account.Technical
Read Network L2LView L2L network tunnelsTechnical, Billing
Write Network L2LAdd, Update, and remove L2L tunnelsTechnical
Read Network NatView DNAT assignments per VM.Technical, Billing
Write Network NatAdd and remove DNAT assignments.Technical
Read Network BandwidthView network transfer history.Technical, Billing
Read Notification(s)View account notifications.Technical, Billing
Read Ticket(s)View account tickets.Technical, Billing
Write Ticket(s)Create and update tickets, related servers, and recipients.Technical, Billing
Read Workload(s)View account workloads.Technical, Billing
Write WorkloadCreate, update, and remove account workloads.Technical
Read Location(s)Discover locations available for the account.Technical, Billing
Read MonitoringView account resources.Technical, Billing
Read AutoScaleView autoscale settings for workloads and VMs.
Write AutoScaleSet autoscale settings for workloads and VMs.
Read Virtual Machine StatsView graph data for VMs.Technical, Billing
Read StorageView disk and storage information for the account.Technical, Billing
Read Virtual Machine(s)View VM details.Technical, Billing
Write Virtual MachineCreate, update, and remove account VMs.Technical
Read Template(s)View template details.Technical, Billing
Write TemplateCreate, update, and remove account templates.Technical
Read Virtual Data CentersView account virtual data center details.
Write Virtual Data CentersCreate, edit, and remove account virtual data centers.
Read Connections

Write Connections

Write Secret

Read FIMView file integrity detailsTechnical, Billing
Read AVAMView antivirus and anti-malware (malware protection) detailsTechnical, Billing
Read Dashboard StatisticsView main security dashboardTechnical, Billing
Read OS PackagesView OS patching detailsTechnical, Billing
Read SSL VPN Devices and UsersView SSLVPN account users and detailsTechnical, Billing
Write SSL VPN Devices and UsersEnable SSLVPN for accoutn usersTechnical
Update Personal IdentityUpdate Personal IdentityTechnical, Billing
View Core LicenseView Core License InformationTechnical, Billing
Update Payment InformationView/Create/Edit/Delete Payment InformationBilling
Write OrdersAdd additional account resources
Update Customer PasswordsUpdate another user's password
Read AutoscaleView autoscale settings for workloads and VMs.
Read Storage
View disk and storage information for the account.

View SubscriptionsView Marketplace subscriptions
Read TasksView task information
Write TasksUpdate task information
NEW View InvoicesView Invoices
Read LogManagementView Log Management information
Read LogSearchView Log Search information
Write AccountUpdate account information
Read Product CatalogRead Product Catalog
Global SearchPerform Global Search
Write SubscriptionsWrite Subscriptions
Scale Virtual MachineScale up and down account VMs

            




In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.