Create a New Role

You use roles to manage access control for user accounts in
VMware Telco Cloud Service Assurance
.
In this procedure, you add a new role and assign administrative permissions to the role.
  1. Navigate to
    Administration
    >
    Access
    >
    Roles
    .
  2. Click
    Add
    .
  3. Enter the
    Name
    of the role.
  4. Provide description about the role in the
    Description
    .
  5. In
    Policy Assignment
    section:
    1. Select the policy from the drop-down.
      Admin can select any policy from the list. Predefined policy "default_wo_filter" allow access to all data.
    2. Provide the name for the policy assignment.
    3. Provide the description for the policy assignment.
  6. In the
    Filter Details
    section select the proper value for the following:
    1. Select the required
      Property
      from the drop-down.
    2. Select the
      Expression
      type from the drop-down.
    3. Provide the
      Value
      .
    • For some specific boolean columns, select Yes or No from the drop-down.
    • For a selected integer or string column, provide the exact value as input.
    • To add multiple values for a single attribute, click "+" icon. The operation is "OR" between the values like ("ROUTER" "MATCHES" "SWITCH OR ROUTER "). To remove any attribute, click the cross icon.
    • Within the filter set, all operations are "AND" operations and between the filter set all operation are "OR" operation.
    • For one attribute, you can have multiple values.
  7. In the
    Remediation Details
    field, select
    Yes
    or
    No
    from the drop-down menu.
  8. In the
    Category
    field, select a category for the
    Remediation Details
    .
  9. Select a
    Group
    name, in the
    Group Assignment
    .
    Group name must match exactly with LDAP/KeyClock Group. Group names are case-sensitive.
  10. In the
    Permission Assignment
    section, select all required
    Page Access
    options from the
    Operation-UI
    tree.
    • You must select
      Cross-launch
      folder permission from the
      Dashboard & Reports
      option for the user to view the
      Health Dashboard
      in the
      Topology
      and
      Operations
      page.
    • Only default admin has the priviledge to configure
      Scheduled Report Exports
      . Other admins or users do not have the priviledge to configure
      Scheduled Report Exports
      . So you must not provide this page access to any roles.
  11. Click
    Assign Permissions
    .
  12. Click
    Save Role
    .
    The user will be able to view or edit the dashboards and reports based on the dashboards or folders that you select in step 10 and the permission you provide in step 11. If you select a dashboard in step 10 then the user will be able to view or edit that dashboard alone. If you select a folder in step 10 then the user will be able to view or edit all the dashboards available in that folder.