Roles
CloudCasa uses role-based access control (RBAC), which means that the permissions that a user has are determined by the roles assigned to them. The Roles page allows administrators to manage role definitions.
From the menu bar, go to Configuration > Roles in the User Management section.
The built-in roles
There are two built-in roles that are available in CloudCasa by default: ADMIN and USER.
See also
In addition to the built-in roles, you can create and use custom roles with specific permissions. For more information, see Adding custom roles.
Their permissions are pre-defined as follows:
ADMIN |
USER |
Custom roles |
|
|---|---|---|---|
Dashboard |
● |
● |
● |
Clusters |
● |
● |
● |
Databases |
● |
● |
● |
Configuration |
● |
(Partial) |
(Optional) |
Activities |
● |
● |
(Optional) |
Alerts |
● |
● |
(Optional) |
ADMIN |
USER |
Custom roles |
|
|---|---|---|---|
Policies |
● |
● |
(Optional) |
App Hooks |
● |
● |
(Optional) |
My Storage |
● |
(Read only) |
(Optional) |
ADMIN |
USER |
Custom roles |
|
|---|---|---|---|
Settings |
● |
(Optional) |
|
Clusters |
● |
● |
(Optional) |
Cloud Accounts |
● |
● |
(Optional) |
Billing & Payments |
● * |
||
Service Plans |
● |
(Optional) |
* The Billing & Payments page is only available to the Billing Admin.
ADMIN |
USER |
Custom roles |
|
|---|---|---|---|
Users |
● |
(Optional) |
|
User Groups |
● |
(Optional) |
|
Roles |
● |
(Optional) |
|
Invitations |
● |
(Optional) |
|
API Keys |
● |
(Optional) |
Tip
Some features such as API Keys are not available in CloudCasa Free subscriptions.
The Billing Admin role
The Billing Admin role is different from other roles in that it can only be assigned to one user per organization. The Billing Admin is the primary billing contact for an organization, and so will receive invoices and payment-related communications. They also have permission to access the Configuration/Billing & Payments page, to modify or cancel the current service plan in the Configuration/Service Plans page, and to update payment infomration such as credit card and bank accounts numbers.
A Billing Admin is only assigned for organizations with paid subscriptions. For organizations with free subscriptions, all admin users will have access to the Service Plans and Billing & Payments pages. The Billing Admin role will be assigned automatically to the admin user who subscribes to a paid service plan using the Configuration/Service Plans page. If a subscription is created by the Catalogic sales team, the Billing Admin role will be given to the requested billing contact. The current Billing Admin can be changed by administrators on the Configuration/Users page.
See also
Adding custom roles
In addition to the built-in roles, you can create custom roles with specific permissions and associate users with these custom roles.
In the Roles page, click Add role + to open the Add role pane.
Enter the name. You can also add description which appears in the role list.
Select permissions:
Permission type |
Actions to permit |
|---|---|
Alerts |
Control |
API Keys |
Create, Read, ReadWrite |
Cloud Accounts |
Create, Read, ReadWrite |
Jobs |
Control |
Kubernetes App Hooks |
Create, Read, ReadWrite |
Kubernetes Backup Definitions |
Create, Read, ReadWrite |
Kubernetes Clusters |
Backup, Control, Create, Read, ReadWrite, Restore |
Kubernetes Namespaces |
Read |
Kubernetes Restore Definitions |
Create, Read, ReadWrite |
My Storage |
Create, Read, ReadWrite |
Policies |
Create, Read, ReadWrite |
Recovery Points |
Control |
Roles |
Create, Read, ReadWrite |
User Groups |
Create, Read, ReadWrite |
Users |
Create, Read, ReadWrite |
Click Save. Ensure that you can see the new custom role in the role list.
Tip
Whenever you assign permissions to a user, always check their user groups in addition to their individual roles. For example, assume that you have a user “Momoko” and associate her with the USER role. If she is also associated with a user group which includes the ADMIN role, she has all permissions that the ADMIN role has too. For details about user groups, see User Groups.