VMware Aria Automation 中的組織和服務使用者角色
VMware Aria Automation
中的組織和服務使用者角色為
Automation Assembler
、Automation Service Broker
和 Automation Pipelines
服務定義的組織和服務使用者角色,決定了使用者在每個服務中可以看到的內容和執行的動作。 組織使用者角色
由組織擁有者在
VMware Aria Automation
主控台中為組織定義使用者角色。有兩種類型的角色:組織角色和服務角色。 組織角色是全域性的,將套用至組織中的所有服務。組織層級的角色是「組織擁有者」或「組織成員」角色。
如需有關組織角色的詳細資訊,請參閱《管理 VMware Aria Automation》
在主控台的組織層級上,還會指派屬於服務專屬權限的
Automation Assembler
服務角色。服務角色
這些服務角色由組織擁有者指派。
本文包括有關以下服務的資訊。
Assembler Service Roles
The
Automation Assembler
service roles determine
what you can see and do in Automation Assembler
. These service roles are defined in the console by an
organization owner.Role | Description |
|---|---|
Assembler Administrator | A user who has read and write access to the entire
user interface and API resources. This is the only user role that
can see and do everything, including add cloud accounts, create new
projects, and assign a project administrator. |
Assembler User | A user who does not have the Assembler
Administrator role. In an Automation Assembler project, the
administrator adds users to projects as project members,
administrators, or viewers. The administrator can also add a
project administrator. |
Assembler Viewer | A user who has read access to see information but
cannot create, update, or delete values. This is a read-only role
across all projects in all the services. Users with the
viewer role can see all the information that is available to the
administrator. They cannot take any action unless you make them
a project administrator or a project member. If the user is
affiliated with a project, they have the permissions related to
the role. The project viewer would not extend their permissions
the way that the administrator or member role does. |
In addition to the service roles,
Automation Assembler
has project
roles. Any project is available in all of the services.The project roles are defined in
Automation Assembler
and can vary between projects. In the following tables, which tells you what
the different service and project roles can see and do, remember that the service
administrators have full permission on all areas of the user interface.
The descriptions of project roles will
help you decide what permissions to give your users.
- Project administrators leverage the infrastructure that is created by the service administrator to ensure that their project members have the resources they need for their development work.
- Project members work within their projects to design and deploy cloud templates. Your projects can include only resources that you own or resources that are shared with other project members.
- Project viewers are restricted to read-only access, except in a few cases where they can do non-destructive things like download cloud templates.
- Project supervisors are approvers inAutomation Service Brokerfor their projects where an approval policy is defined with a project supervisor approver. To provide the supervisor with context for approvals, consider also granting them the project member or viewer role.
UI Context | Task | Assembler Administrator | Assembler Viewer | Assembler User User must be a
project administrator or member to see and do project-related
tasks. | |||
|---|---|---|---|---|---|---|---|
Project Administrator | Project Member | Project Viewer | Project Supervisor | ||||
Access Assembler
| |||||||
Console | In the Automation console, you can see and open Assembler | Yes | Yes | Yes | Yes | Yes | Yes |
Infrastructure
| |||||||
See and open the Infrastructure tab | Yes | Yes | Yes | Yes | Yes | Yes | |
Administration - Projects | Create projects | Yes | |||||
Update, or delete values from project summary, provisioning,
Kubernetes, integrations, and test project configurations. | Yes | ||||||
Add users and groups, and assign roles in projects. | Yes | Yes. Your projects. | |||||
View projects | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | Yes. Your projects | |
Administration - Users and Groups | View the users and groups assigned to custom roles. | Yes | |||||
Administration - Custom Roles | Create custom user roles and assign them to users and groups. | Yes | |||||
Administration - Custom Names | Create custom resource names. | Yes | |||||
Administration - Secrets | Create and delete secret reusable properties. | Yes | |||||
Administration - Settings | Turn on or off internal settings. | Yes | |||||
Configure - Cloud Zones | Create, update, or delete cloud zones | Yes | |||||
View cloud zones | Yes | Yes | |||||
View cloud zone Insights dashboard | Yes | Yes | |||||
View cloud zones alerts | Yes | Yes | |||||
Configure - Kubernetes Zones | Create, update, or delete Kubernetes zones | Yes | |||||
View Kubernetes zones | Yes | Yes | |||||
Configure - Flavors | Create, update, or delete flavors | Yes | |||||
View flavors | Yes | Yes | |||||
Configure - Image Mappings | Create, update, or delete image mappings | Yes | |||||
View image mappings | Yes | Yes | |||||
Configure - Network Profiles | Create, update, or delete network profiles | Yes | |||||
View image network profiles | Yes | Yes | |||||
Configure - Storage Profiles | Create, update, or delete storage profiles | Yes | |||||
View image storage profiles | Yes | Yes | |||||
Configure - Pricing Cards | Create, update, or delete pricing cards | Yes | |||||
View the pricing cards | Yes | Yes | |||||
Configure - Tags | Create, update, or delete tags | Yes | |||||
View tags | Yes | Yes | |||||
Resources - Compute | Add tags to discovered compute resources | Yes | |||||
View discovered compute resources | Yes | Yes | |||||
Resources - Networks | Modify network tags, IP ranges, IP addresses | Yes | |||||
View discovered network resources | Yes | Yes | |||||
Resources - Security | Add tags to discovered security groups | Yes | |||||
View discovered security groups | Yes | Yes | |||||
Resources - Storage | Add tags to discovered storage | Yes | |||||
View storage | Yes | Yes | |||||
Resources - Kubernetes | Deploy or add Kubernetes clusters, and create or add
namespaces | Yes | |||||
View Kubernetes clusters and namespaces | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Activity - Requests | Delete deployment request records | Yes | |||||
View deployment request records | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Activity - Event Logs | View event logs | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | |
Connections - Cloud Accounts | Create, update, or delete cloud accounts | Yes | |||||
View cloud accounts | Yes | Yes | |||||
Connections - Integrations | Create, update, or delete integrations | Yes | |||||
View integrations | Yes | Yes | |||||
Onboarding | Create, update, or delete onboarding plans | Yes | |||||
View onboarding plans | Yes | Yes. Your projects | |||||
Extensibility
| |||||||
See and open the Extensibility tab | Yes | Yes | Yes | ||||
Events | View extensibility events | Yes | Yes | ||||
Subscriptions | Create, update, or delete extensibility subscriptions | Yes | |||||
Deactivate subscriptions | Yes | ||||||
View subscriptions | Yes | Yes | |||||
Library - Event topics | View event topics | Yes | Yes | ||||
Library - Actions | Create, update, or delete extensibility actions | Yes | |||||
View extensibility actions | Yes | Yes | |||||
Library - Workflows | View extensibility workflows | Yes | Yes | ||||
Activity - Action Runs | Cancel or delete extensibility action runs | Yes | |||||
View extensibility action runs | Yes | Yes | Yes. Your projects | ||||
Activity - Workflow Runs | View extensibility workflow runs | Yes | Yes | ||||
Design
| |||||||
Design | Open the Design tab | Yes | Yes | Yes. | Yes. | Yes. | Yes |
Cloud Templates | Create, update, and delete cloud templates | Yes | Yes. Your projects | Yes. Your projects | |||
View cloud templates | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Download cloud templates | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Upload cloud templates | Yes | Yes. Your projects | Yes. Your projects | ||||
Deploy cloud templates | Yes | Yes. Your projects | Yes. Your projects | ||||
Version and restore cloud templates | Yes | Yes. Your projects | Yes. Your projects | ||||
Release cloud templates to the catalog | Yes | Yes. Your projects | Yes. Your projects | ||||
Custom Resources | Create, update or delete custom resources | Yes | |||||
View custom resources | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Custom Actions | Create, update, or delete custom actions | Yes | |||||
View custom actions | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Resources
| |||||||
See and open the Resources tab | Yes | Yes | Yes | Yes | Yes | Yes | |
Deployments | View deployments
including deployment details, deployment history, price,
monitor, alerts, optimize, and troubleshooting information | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | |
Manage alerts | Yes | Yes. Your projects | Yes. your projects | ||||
Run day 2 actions on deployments based on policies | Yes | Yes. Your projects | Yes. Your projects | ||||
Resources - All Resources | View all discovered resources | Yes | Yes | ||||
Run day 2 actions on discovered resources. Actions available
only on machines and limited to power on and off for all
machines, and remote console for vSphere machines. | Yes | ||||||
Resources - All Resources | View deployed, onboarded, migrated resources | Yes | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | |
Run Day 2 actions on deployed, onboarded, and migrated resources
based on policies | Yes | Yes | Yes. Your projects. | Yes. Your projects. | |||
Resources - Virtual Machines | View discovered machines | Yes | Yes | ||||
Run day 2 actions on discovered machines. Actions are limited
to power on and off, and remote console for vSphere
machines. | Yes | ||||||
Create New VM This option is
available to administrators. However, if an administrator turns
on the setting, then it is available to the other users roles.
To activate the option, select and turn on Create new
resource .By activating the
option, Automation Service Broker users can create VMs based on any image
and any flavor even though they are not administrators
themselves. To avoid the potential overconsumption of resources,
administrators can create approval policies to reject or approve
any deployment requests based on the image used or the flavor or
size requested. | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | |||
View deployed, onboarded, and migrated resources. | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | |||
Run day 2 actions on deployed, onboarded, and migrated resources
based on policies | Yes | Yes. Your projects. | Yes. Your projects. | ||||
Resources - Volumes | View discovered volumes | Yes | Yes | ||||
No day 2 actions available | |||||||
View deployed, onboarded, and migrated volumes | Yes | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | ||
Run day 2 actions on deployed, onboarded, and migrated volumes
based on policies | Yes | Yes. Your projects. | Yes. Your projects. | ||||
Resources - Networkin and Security | View discovered networks, load balancers, and security
groups | Yes | Yes | ||||
No day 2 actions available | |||||||
View deployed, onboarded, and migrated networks, load balancers,
and security groups | Yes | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | ||
Run day 2 actions on deployed, onboarded, and migrated networks,
load balancers, and security groups based on policies | Yes | Yes. Your projects. | Yes. Your projects. | ||||
Alerts
| |||||||
See and open the Alerts tab | Yes | Yes | Yes | Yes | Yes | ||
Manage alerts | Yes | Yes. Your projects | Yes. Your projects | ||||
View alerts | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Service Broker Service
Roles
The
Automation Service Broker
service roles determine
what you can see and do in Automation Service Broker
. These service roles are defined in the console by an
organization owner.Role | Description |
|---|---|
Service Broker Administrator | Must have read and write access to the entire user
interface and API resources. This is the only user role that can
perform all tasks, including creating a new project and assigning a
project administrator. |
Service Broker User | Any user who does not have the Automation Service Broker Administrator role. In an Automation Service Broker project, the administrator adds users
to projects as project members, administrators, or viewers. The
administrator can also add a project administrator. |
Service Broker Viewer | A user who has read access to see information but
cannot create, update, or delete values. This is a read-only role
across all projects in all the services. Users with the
viewer role can see all the information that is available to the
administrator. They cannot take any action unless you make them
a project administrator or a project member. If the user is
affiliated with a project, they have the permissions related to
the role. The project viewer would not extend their permissions
the way that the administrator or member role does. |
In addition to the service roles,
Automation Service Broker
has project roles. Any project is available in all of the
services.The project roles are defined in
Automation Service Broker
and can vary between projects. In the following tables, which tells you what the different service and project roles
can see and do, remember that the service administrators have full permission on all
areas of the user interface.
Use the following descriptions of project roles will help you as you decide what
permissions to give your users.
- Project administrators leverage the infrastructure that is created by the service administrator to ensure that their project members have the resources they need for their development work.
- Project members work within their projects to design and deploy cloud templates. In the following table, Your projects can include only resources that you own or resources that are shared with other project members.
- Project viewers are restricted to read-only access.
- Project supervisors are approvers inAutomation Service Brokerfor their projects where an approval policy is defined with a project supervisor approver. To provide the supervisor with context for approvals, consider also granting them the project member or viewer role.
UI Context | Task | Service Broker Administrator | Service Broker Viewer | Service Broker User User must be a
project administrator to see and do project-related
tasks. | |||
|---|---|---|---|---|---|---|---|
Project Administrator | Project Member | Project Viewer | Project Supervisor | ||||
Access Service Broker
| |||||||
Console | In the console, you can see and open Service Broker | Yes | Yes | Yes | Yes | Yes | Yes |
Infrastructure
| |||||||
See and open the Infrastructure tab | Yes | Yes | |||||
Administration - Projects | Create projects | Yes | |||||
Update, or delete values from project summary, provisioning,
Kubernetes, integrations, and test project configurations. | Yes | ||||||
Add users and groups, and assign roles in projects. | Yes | Yes. Your projects. | |||||
View projects | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Administration - Custom Roles | Create custom user roles and assign them to users and groups. | Yes | |||||
Administration - Custom Names | Create custom resource names. | Yes | |||||
Administration - Secrets | Create and delete secret reusable properties. | Yes | |||||
Administration - Settings | Turn on or off internal settings. | Yes | |||||
Administration - Users and Groups | View the users and groups assigned to custom roles. | Yes | |||||
Configure - Cloud Zones | Create, update, or delete cloud zones | Yes | |||||
View cloud zones | Yes | Yes | |||||
Configure - Kubernetes Zones | Create, update, or delete Kubernetes zones | Yes | |||||
View Kubernetes zones | Yes | Yes | |||||
Connections - Cloud Accounts | Create, update, or delete cloud accounts | Yes | |||||
View cloud accounts | Yes | Yes | |||||
Connections - Integrations | Create, update, or delete integrations | Yes | |||||
View integrations | Yes | Yes | |||||
Activity - Requests | Delete deployment request records | Yes | |||||
View deployment request records | Yes | ||||||
Activity - Event Logs | View event logs | Yes | |||||
Content and Policies
| |||||||
See and open the Content and Policies tab | Yes | Yes | |||||
Content Sources | Create, update, or delete content sources | Yes | |||||
View content sources | Yes | Yes | |||||
Content | Customize form and configure item | Yes | |||||
View content | Yes | Yes | |||||
Policies - Definitions | Create, update, or delete policy definitions | Yes | |||||
View policy definitions | Yes | Yes | |||||
Policies - Enforcement | View enforcement log | Yes | Yes | ||||
Notifications - Email Server | Configure an email server | Yes | |||||
Consume
| |||||||
See and open the Consume tab | Yes | Yes | Yes | Yes | Yes | Yes | |
Projects | See and search projects | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | Yes. Your projects | Yes. Your projects |
Catalog | See and open the Catalog page | Yes | Yes | Yes | Yes | Yes | Yes |
View available catalog items | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | ||
Request a catalog item | Yes | Yes. Your projects | Yes. Your projects | ||||
Deployments - Deployments | View deployments,
including deployment details, deployment history, price,
monitor, alerts, optimize, and troubleshooting information | Yes | Yes | Yes. Your projects | Yes. Your projects | Yes. Your projects | |
Manage alerts | Yes | Yes. Your projects | Yes. Your projects | ||||
Run day 2 actions on deployments based on policies | Yes | Yes. Your projects | Yes. Your projects | ||||
Deployments - Resources | View all discovered resources | Yes | Yes | ||||
Run day 2 actions on discovered resources. Actions available
only on machines and limited to power on and off for all
machines, and remote console for vSphere machines. | Yes | ||||||
Deployments - All Resources | View deployed, onboarded, migrated resources | Yes | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | |
Run Day 2 actions on deployed, onboarded, and migrated resources
based on policies | Yes | Yes | Yes. Your projects. | Yes. Your projects. | |||
Deployments - Virtual Machines | View discovered machines | Yes | Yes | ||||
Run day 2 actions on discovered machines. Actions are limited
to power on and off, and remote console for vSphere
machines. | Yes | ||||||
Create New VM This option is
available in Automation Service Broker if your administrator activates the
option. To activate the option, select .By activating the
option, Automation Service Broker users can create VMs based on any image
and any flavor even though they are not administrators
themselves. To avoid the potential overconsumption of resources,
administrators can create approval policies to reject or approve
any deployment requests based on the image used or the flavor or
size requested. | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | |||
View deployed, onboarded, and migrated resources. | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | |||
Run day 2 actions on deployed, onboarded, and migrated resources
based on policies | Yes | Yes. Your projects. | Yes. Your projects. | ||||
Deployments - Volumes | View discovered volumes | Yes | Yes | ||||
No day 2 actions available | |||||||
View deployed, onboarded, and migrated volumes | Yes | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | ||
Run day 2 actions on deployed, onboarded, and migrated volumes
based on policies | Yes | Yes. Your projects. | Yes. Your projects. | ||||
Deployments - Networking and Security | View discovered networks, load balancers, and security
groups | Yes | Yes | ||||
No day 2 actions available | |||||||
View deployed, onboarded, and migrated networks, load balancers,
and security groups | Yes | Yes | Yes. Your projects. | Yes. Your projects. | Yes. Your projects. | ||
Run day 2 actions on deployed, onboarded, and migrated networks,
load balancers, and security groups based on policies | Yes | Yes. Your projects. | Yes. Your projects. | ||||
Inbox
| |||||||
See and open the Inbox tab | Yes | Yes | |||||
Approvals | View approval requests | Yes | Yes | Yes | Yes | Yes | Yes |
Respond to approval requests | Yes | Yes. Your projects and the policy approver is Project
Administrator | Only if you are a named approver | Only if you are a named approver | Yes. Your projects and the policy approver is Project
Supervisor | ||
User Input Requests | View user input requests | Yes | Yes | Yes | Yes | ||
Respond to user input requests | Yes | Yes. Your projects and you are assigned to provide input | Only if you are assigned to provide input | ||||
Pipelines 服務角色
Automation Pipelines
服務角色決定了您可以在 Automation Pipelines
中看到和執行什麼。這些角色由組織擁有者在主控台中定義。在所有服務中均可使用任何專案。角色 | 說明 |
|---|---|
Pipelines 管理員 | 具有整個使用者介面和 API 資源的讀取和寫入權限的使用者。這是唯一可查看和執行所有操作的使用者角色,包括建立專案、整合端點、新增觸發器、建立管線和自訂儀表板、將端點和變數標記為受限制的資源、執行使用受限制資源的管線,以及請求在 Automation Service Broker 中發佈管線。 |
Pipelines 開發人員 | 可使用管線但無法使用受限制端點或變數的使用者。如果管線包含受限制的端點或變數,則此使用者必須取得對使用受限制端點或變數之管線工作的核准。 |
Pipelines 執行者 | 可以執行管線並核准或拒絕使用者作業工作的使用者。該使用者可以繼續、暫停和取消管線執行,但無法修改管線。 |
Pipelines 使用者 | 可存取 Automation Pipelines 但在 Automation Pipelines 中不具有任何其他權限的使用者。 |
Pipelines 檢視者 | 具有讀取存取權的使用者,可查看管線、端點、管線執行和儀表板,但無法進行建立、更新或刪除。同時具有服務檢視者角色的使用者可以查看可供管理員使用的所有資訊。這些使用者無法執行任何動作,除非您將其設為專案管理員或專案成員。如果使用者與某個專案相關聯,便擁有與角色相關的權限。專案檢視者不會按照管理員或成員角色的方式來延伸其權限。 |
除了服務角色以外,
Automation Pipelines
還具有專案角色。在所有服務中均可使用任何專案。專案角色是在
Automation Pipelines
中定義的,可能會因專案而異。 在以下說明不同的服務和專案角色可以查看和執行哪些動作的資料表中,請記住,服務管理員對使用者介面的所有區域擁有完整權限。
使用下列專案角色說明以協助您決定授與使用者哪些權限。
- 專案管理員利用服務管理員所建立的基礎結構,來確保其專案成員具有其開發工作所需的資源。專案管理員可以新增成員。
- 具有服務角色的專案成員可使用服務。
- 專案檢視者可查看專案,但無法建立、更新或刪除專案。
除受限制以外的所有動作
表示此角色有權對實體執行建立、讀取、更新和刪除動作,但受限制的變數和端點除外。 UI 內容 | 功能 | Automation Pipelines 管理員角色 | Automation Pipelines 開發人員角色 | Automation Pipelines 執行者角色 | Automation Pipelines 檢視者角色 | Automation Pipelines 使用者角色 |
|---|---|---|---|---|---|---|
管線
| ||||||
檢視管線 | 是 | 是 | 是 | 是 | ||
建立管線 | 是 | 是 | ||||
執行管線 | 是 | 是 | 是 | |||
執行包含受限制端點或變數的管線 | 是 | |||||
更新管線 | 是 | 是 | ||||
刪除管線 | 是 | 是 | ||||
管線執行
| ||||||
檢視管線執行 | 是 | 是 | 是 | 是 | ||
繼續、暫停和取消管線執行 | 是 | 是 | 是 | |||
恢復為獲得對受限制資源的核准而停止的管線 | 是 | |||||
自訂整合
| ||||||
建立自訂整合 | 是 | 是 | ||||
讀取自訂整合 | 是 | 是 | 是 | 是 | ||
更新自訂整合 | 是 | 是 | ||||
端點
| ||||||
檢視執行 | 是 | 是 | 是 | 是 | ||
建立執行 | 是 | 是 | ||||
更新執行 | 是 | 是 | ||||
刪除執行 | 是 | 是 | ||||
將資源標記為受限制
| ||||||
將端點或變數標記為受限制 | 是 | |||||
儀表板
| ||||||
檢視儀表板 | 是 | 是 | 是 | 是 | ||
建立儀表板 | 是 | 是 | ||||
更新儀表板 | 是 | 是 | ||||
刪除儀表板 | 是 | 是 |
Assembler Migration Assistant
Service Roles
The Migration Assistant service roles
determine what you can see and do in Migration Assistant and Assembler. These
service roles are defined in the console by an organization owner.
Role | Description |
|---|---|
Migration Assistant Administrator | A user who has full view, update, and delete privileges in the
Migration Assistant and Assembler. This role must also
have at least the Assembler Viewer role. |
Migration Assistant Viewer | A user who has read access to see information but cannot create,
update, or delete values in Migration Assistant or in Assembler. This role must also
have at least the Assembler Viewer role. |
Orchestrator Service
Roles
The
Automation Orchestrator 用戶端
service roles determine what you can see
and do in Automation Orchestrator 用戶端
.
These service roles are defined in the console by an organization owner.Role | Description |
|---|---|
Orchestrator Administrator | A user who has full view, update, and delete privileges in
Automation Orchestrator 用戶端 . An administrator can also access the
content created by specific groups. |
Orchestrator Viewer | A user who has read access to see features and content, including
all groups and group content, but cannot create, update, run, delete
values, or export content. This is a read-only role across all
projects in all the services. |
Orchestrator Workflow Designer | A user who can create, run, edit, and delete their own
Automation Orchestrator 用戶端 content. They can add their own
content to their assigned group. The workflow designer does not have
access to the administration and troubleshooting features of the
Automation Orchestrator 用戶端 . |
Automation users without an assigned
Orchestrator service role can still access all
Automation Orchestrator 用戶端
instances in the organization but have
limited permissions. They can view and run their own content and respond to user
interaction requests that are assigned to them. Users without an assigned Orchestrator
service role in Automation who have an assigned role in an individual
Automation Orchestrator 用戶端
instance can only
access that Automation Orchestrator 用戶端
instance. Automation Config Service
Role
The Automation Config service role
determines what you can see and do in Automation. This service role is defined in
the console by an organization owner.
Role | Description |
|---|---|
Config Administrator | A user who can access the Automation Config tile on the console
when the integration with Assembler is configured. To log in on the
Automation Config instance, the user must have Automation Config
administrator permissions that are defined in Automation Config. The user must also
have the Assembler Administrator role. |
Config User | A user who does not
have the Config Administrator role. |
Salt Master | |
Config Superuser |