You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 81 Next »


Overview

In the Armor Management Portal (AMP)roles are similar to job titles that you can create and assign to your users. When you create a new role, you can populate that role with specific permissions. These permissions determine the type of access a user has in AMP.  For example, you can create an Accounting role, and then you can add specific permissions to only give the user access to accounting-related features in AMP, such as the permission to view and edit the Invoices screen.  

When you create a new user, you must assign that user a role.

By default, Armor offers three default roles with specific permissions already enabled: 

  • Admin
  • Technical 
  • Billing

For your convenience, when you create a new user, you can assign a default role to the new user; however, you cannot edit the permissions within these default roles.

You can also create a new role, and then populate that role with your specified permissions. 

 Permissions in the Admin role

By default, the Admin role contains every permissions. The Admin role is automatically assigned to a new administrator account.

 Permissions in the Billing role

By default the Billing role contains the following permissions: 

PermissionDescription

Read Entity Metadata

View notes and tags
Read IdentityView account information
Read WorkloadsView account workloads
Read Payment InformationView payment information

Write Payment Information

Update payment information
Read ComplianceView vulnerability scanning product information
Read AVAMView Malware Protection detail
Read Dashboard StatisticsView the data that populates the security dashboard
Read FIMView File Integrity Monitoring details.
Read Connections
Read FirewallView account firewall rules
Update Personal IdentityUpdate the challenge phrase and challenge response
View InvoicesView the invoices associated with your account
Read Network IPView account IP allocations and assignments
Read Network L2LView L2L network tunnels
View Core LicenseView core license information for your account
Read LocationsView locations available for this account
Read LogManagementView Log Management information
Read LogSearchView Log Search information
Read MonitoringView account resources
Read Network NatView DNAT assignments per VM.
Read Network BandwidthView network transfer history
Write Entity MetadataUpdates notes and tags
Read NotificationsView account notifications
Read OrdersView account resources
Read OS PackagesView OS patching details
Read Product CatalogRead Product Catalog
Global SearchPerform Global Search
Read Endpoints
Read SSL VPN Devices and UsersView SSL VPN account users and details
Read Virtual Machine StatsView graph data for virtual machines
Read StorageView disk and storage information for the account
View SubscriptionsView subscriptions for your account
Read TasksView task information
Read TemplatesView template details
Read TicketsView open tickets in your account
Write TicketsCreate a support ticket
Read Virtual Data CentersView account virtual data center details.
Read Server Replication
Read Virtual MachinesView virtual machine details
View Vulnerability ScansView vulnerability scanning report details
 Permissions in the Technical role

By default the Technical role contains the following permissions: 

PermissionDescription
Read Entity MetadataView notes and tags

Read Identity

View account information

Read Workloads

View account workloads

Write Workload

Create, update, and remove account workloads

Read Compliance

View vulnerability scanning product information

Write Compliance

Update (upgrade, downgrade or delete) vulnerability scanning options

Read AVAM

View Malware Protection detail

Read Dashboard Statistics

View the data that populates the security dashboard

Read FIM

View File Integrity Monitoring details.

Read Connections


Write Connectors


Read Firewall

View firewall rules

Write Firewall

Add and update firewall rules

Update Personal Identity

Update the challenge phrase and challenge response

Read Network IP

View IP address allocations and assignments

Write Network IP

Add, update, and remove IP address assignments

Read Network L2L

View L2L network tunnels

Write Network L2L

Add, update, and remove L2L tunnels

View Core License

View core license information for your account

Read Locations

View locations available for this account

Read LogManagement

View Log Management information

Read LogSearch

View Log Search information

Write LogManagement

Update log management services

Read Monitoring

View account resources

Read Network Nat

View DNAT assignments per virtual machine

Write Network Nat

Add and remove DNAT assignments

Read Network Bandwidth

View network transfer history

Write Entity Metadata

Updates notes and tags

Read Notifications

View account notifications

Read Orders

View account resources

Write Orders

Add additional account resources

Read OS Packages

View OS patching details

Read Product Catalog

View available products to add to your account

Global Search

Search throughout AMP for various resource needs

Write Secret


Read Endpoints


Read SSL VPN Devices and Users

View SSL VPN users and details

Read Virtual Machine Stats

View graph data for virtual machines

Read Storage

View disk and storage information for the account

View Subscriptions

View current subscriptions for your account

Write Subscriptions

Add subscriptions to your account

Read Tasks

View task information

Write Tasks

Write task information

Read Templates

View template details

Write Templates

Create, update, and remove account templates

Read Tickets

View open tickets

Write Tickets

Create a support ticket

Read Virtual Data Centers


Read Server Replication


Read Virtual Machines

View virtual machine details

Scale Virtual Machine

Upgrade or downgrade the size of a virtual machine

Write Server Replication


Write Virtual Machine

Create, update, and remove account virtual virtual machines
View Vulnerability ScanView vulnerability scanning report details



Create a role and add permissions

Error rendering macro 'excerpt-include'

No link could be created for 'Create a role and add permissions (snippet)'.

 


Assign a role to an existing user account

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Locate and select the desired role. 
  4. Under the name of the role, click Members
  5. Click Edit Members
  6. Select and drag the desired user to the Chosen column. 
  7. Click the X at the top, right corner.  

Update a permission for a role 

Remember, when you update the permissions for a role, the users assigned to that role will automatically be able to use the newly added permissions.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. Locate and select the desired role. 
  4. Select or deselect the desired permissions. 
  5. Click Save Role

Remove a role for a newly created or existing user

After you create a user account with an assigned role, the new user will receive an email to complete the login process. During this time, the account administrator has limited access to that user account; however, the account administrator can still update roles and permissions for the new user. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account
  2. Click Roles + Permissions
  3. In the search bar, enter the name of the newly created user, and then hit Enter. The table shows a list of roles associated with that user. 
  4. Locate and select the desired role. 
  5. Under the name of the role, click Members
  6. Click Edit Members
  7. Select and drag the desired user to the Chosen column. 
  8. Click the X at the top, right corner. 

Review available permissions

Review the following table to understand the permissions available for you to add to your Roles

PermissionSystemResourceDescriptionRecommended roleProduct compatibility
Read Network BandwidthNetworkNetworkView network transfer historyTechnicalArmor Complete - Secure Hosting
Read FirewallNetworkFirewallView firewall rulesTechnicalArmor Complete - Secure Hosting
Write FirewallNetworkFirewallAdd and update firewall rulesTechnicalArmor Complete - Secure Hosting
Read Network IPNetworkIPView IP address allocations and assignmentsTechnicalArmor Complete - Secure Hosting
Write Network IPNetworkIPAdd, update, and remove IP address assignmentsTechnicalArmor Complete - Secure Hosting
Read Network L2LNetworkL2LView L2L network tunnelsTechnicalArmor Complete - Secure Hosting
Write Network L2LNetworkL2LAdd, update, and remove L2L tunnelsTechnicalArmor Complete - Secure Hosting
Read Network NATNetworkNATView DNAT assignments per virtual machineTechnicalArmor Complete - Secure Hosting
Write Network NATNetworkNATAdd and remove DNAT assignmentsTechnicalArmor Complete - Secure Hosting
Read SSL VPN Devices and UsersNetworkSSL VPNView SSL VPN users and detailsTechnicalArmor Complete - Secure Hosting
Write SSL VPN Devices and UserNetworkSSL VPNEnable SSL VPN for usersTechnicalArmor Complete - Secure Hosting
Read IdentityIdentityAccountsView account informationTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Update Personal IdentityIdentityIdentityUpdate the challenge phrase and challenge responseTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write AccountIdentityAccountsUpdate account informationTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Update Customer PasswordsIdentityRolesUpdate another user's passwordTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write IdentityIdentityRolesUpdate account informationTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read Workload(s)VPCAPPView account workloadsTechnicalArmor Complete - Secure Hosting
Write WorkloadVPCAPPCreate, update, and remove account workloadsTechnicalArmor Complete - Secure Hosting
Read Location(s)VPCLocationView locations available for this accountTechnicalArmor Complete - Secure Hosting
Read MonitoringVPCMonitoringView account resourcesTechnicalArmor Complete - Secure Hosting
Read Virtual Machine StatsVPCStatsView graph data for virtual machinesTechnicalArmor Complete - Secure Hosting
Read StorageVPCStorageView disk and storage information for the accountTechnicalArmor Complete - Secure Hosting
Read Template(s)VPCTemplateView template detailsTechnicalArmor Complete - Secure Hosting
Write TemplateVPCTemplateCreate, update, and remove account templatesTechnicalArmor Complete - Secure Hosting
Read Virtual Machine(s)VPCVMSView virtual machine detailsTechnicalArmor Complete - Secure Hosting
Scale Virtual MachineVPCVMSUpgrade or downgrade the size of a virtual machine.TechnicalArmor Complete - Secure Hosting
Write Virtual MachineVPCVMSCreate, update, and remove account virtual virtual machinesTechnicalArmor Complete - Secure Hosting
Read Server ReplicationVPCVMS
Technical
Write Server ReplicationVPCVMS
Technical
Update Payment InformationAccountBillingView, create, edit, and delete payment information.Billing / Accounting

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read Payment InformationAccountBillingView payment information.Billing / Accounting

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read ConnectionsAccountConnections

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write ConnectorsAccountConnectors

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read OrdersAccountOrdersView account resourcesBilling / Accounting

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write OrdersAccountOrdersAdd additional account resourcesBilling / Accounting

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write SecretAccountSecret
Technical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read ComplianceComplianceComplianceView vulnerability scanning product informationTechnical

Armor Complete - Secure Hosting

Write ComplianceComplianceComplianceUpdate (upgrade, downgrade or delete) vulnerability scanning optionsTechnical

Armor Complete - Secure Hosting

Read AVAMCoreConnectionView Malware Protection detailTechnicalArmor Anywhere - Security
Read Dashboard StatisticsCoreConnectionView the data that populates the security dashboardTechnicalArmor Anywhere - Security
Read FIMCoreConnectionView File Integrity Monitoring details.TechnicalArmor Anywhere - Security
View Core LicenseCoreLicensingView core license information for your accountTechnicalArmor Anywhere - Security
Read LogManagementCoreLogsView Log Management informationTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read LogSearchCoreLogsView Log Search informationTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write LogManagementCoreLogsUpdate log management servicesTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read OS PackagesCorePackagesView OS patching detailsTechnical

Armor Complete - Secure Hosting

Armor Anywhere - Security

View Vulnerability ScansCoreVulnerability ScanningView vulnerability scanning report detailsTechnicalArmor Anywhere - Security
View InvoicesBillingInvoicesView the invoices associated with your account

Billing / Accounting

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read Product CatalogBillingProductsView available products to add to your account

Billing / Accounting

Technical

Armor Complete - Secure Hosting

Armor Anywhere - Security

View SubscriptionBillingSubscriptionsView current subscriptions for your account

Billing / Accounting

Technical

Armor Complete - Secure Hosting
Write SubscriptionsBillingSubscriptionsAdd subscriptions to your account

Billing / Accounting

Technical

Armor Complete - Secure Hosting
Read Entity MetadataMetaNoteView notes and tagsTechnicalArmor Complete - Secure Hosting
Write Entity MetadataMetaNoteUpdates notes and tagsTechnicalArmor Complete - Secure Hosting
Read TasksMetaTaskView task informationTechnicalArmor Complete - Secure Hosting
Write TasksMetaTaskWrite task informationTechnicalArmor Complete - Secure Hosting
Read Notification(s)NotificationNotifications

View account notifications

Billing / Accounting

Technical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read Ticket(s)TicketTicketsView open tickets

Billing / Accounting

Technical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Write Ticket(s)TicketTicketsCreate a support ticket

Billing / Accounting

Technical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Global SearchSearchSearchSearch throughout AMP for various resource needs

Billing / Accounting

Technical

Armor Complete - Secure Hosting

Armor Anywhere - Security

Read Endpoint(s)ArmorSecurityendpoints
Technical