You have a group of users you only want to see certain objects in Aria Operations, say for example a group supports everything in only one of the vCenters Aria Operations is monitoring, how can I limit what they see? Here's how: all screenshots are taken from Aria Operations 8.18.1.
Go to Administration - Control Panel - Access Control.
Once there you'll notice User Accounts, User Groups, Roles, and Scopes.
User Accounts lets you create users and/or import them from an external source.
User Groups allows you to manage existing groups, create new ones, and/or import them from an external source.
Roles allows you to defines roles which you can assign to User Groups.
Scopes allows you to define what certain Users and/or User Groups see and what they don't.
In our case, we have a group of Administrators that are responsible for a certain vCenter and its contents, so we'll use Scopes to limit what they can see. Got to Scopes and click ADD.
The left pane lists the Object Hierarchies, which is basically the list of Object Types. Selecting Adapter Instance for example, which shows you the configured Adapter Instances on the right. To limit the Scope to just the vCenter we want, I've selected that vCenter Adapter Instance. You can select additional Object Hierarchies if you'd like. Once complete, you'll have a Scope defined.
You can now use this Scope within a User or a User Group. For example, if I'd like to assign this Scope to my own account, it would look like this.
Notice you can also include Roles here, which is a nice way to give people Adminstrator access or just View access if you'd prefer. So now when I login with my own account, I see only the objects related to the vCenter I exposed.
There are countless ways to configure Scopes and Roles to give just the access you want and no more.
Comentários