Introduction

Role-Based Access Control (RBAC) is an important aspect for any administrator to manage OpsRamp functionality and determine who can access what functionality and resources. The RBAC allows you to restrict the accessibility of OpsRamp resources depending on the roles and permissions of the users in your organization.

Implementing RBAC in your organization can help you maintain security and restrict unwanted access to any important information depending on their role in your organization. 

  • Manage hundreds of users in your organization in an effective manner.
  • Maintain the security of confidential information by restricting access and avoiding chances of data breach or leakage.
  • Manage roles when you add a new user or terminate a new user. 

Multiple roles can be created and assign roles to users based on their responsibilities. RBAC allows you to:

  • Control the way the users in your organization access, view and manage data.
  • Restrict the activities that a user can do based on their role, user group, credentials, devices, device groups, permissions, and permission sets.

Roles

Implementing roles for users provides an insight into what action can each user do in an organization. Roles makes it easier for administrators to manage their users and organization.

Role scenario

An organization has separate administration teams to manage servers and network devices.

  • The server administrator group wants users in the server team to view all devices but manage and administer only server devices.
  • The network administrator wants users in the network team to view all devices but manage and administer only network devices.

Solution
You can assign a manage role to server administrator and network administrator groups on all devices within their groups. Similarly, assign a View role to server administrator and network administrator groups on all the devices pertaining to another group.

Permission Sets

  You can apply permission sets within the partner scope or client scope.
If you have selected a client, you can assign permission sets either to all clients or a single client in your organization. The permission sets let you control the level of accessibility for each user.