Roles & Permissions
User Roles & Permissions determinw what actions users can perform and what features they can access within your MikroCloud portal. Managing roles ensures that each user has the correct level of access based on their responsibilities within the team.
Roles Overview
Each user in MikroCloud is assigned a role, and that role dictates the specific permissions they hold. Permissions define the level of control users have over the portal's different components, such as viewing, creating, updating or deleting resources.
In the Roles & Permissions section of the portal, administrators can manage the roles for the current team.
| Role | Overview |
|---|---|
| System Roles | These are predefined roles that come with default permissions. |
| Custom Roles | These are roles that are created to fit the specific needs for your organization. |
Permissions and their Impact on Portal Visibility
The specific permisions assigned to a role determine the features that are visible and accessible to users. For example, a role with the Teams View permission can only view the teams but cannot create, delete or update them.
Permisions Overview:
Teams
| Permission | Explanation |
|---|---|
| Teams View | Allows the user to view team-related information. |
| Teams Delete | Grants permission to delete teams. |
| Teams Create | Grants permission to create new teams. |
| Teams Invite Users | Allows the user to invite other users to a team. |
| Teams Update | Allows the user to update existing team information. |
| Teams Remove Users | Grants permission to remove users from a team. |
Organization
| Permission | Explanation |
|---|---|
| Organization - Update | Allows updates to general organizational settings. |
| Organization - Manage Payment Methods | Allows management of payment methods for the organization. |
| Organization - Update Subscription | Allows the user to update organization subscriptions. |
CVE
| Permission | Explanation |
|---|---|
| Cve View | Allows the user to view CVE-related information. |
| Cve Delete | Grants permission to delete CVEs. |
| Cve Create | Grants permission to create new CVEs. |
| Cve Run | Allows users to run CVE assessments or reports. |
| Cve Update | Allows users to update existing CVE records. |
Content
| Permission | Explanation |
|---|---|
| Content View | Allows the user to view content. |
| Content Create | Grants permission to create new content. |
| Content Update | Allows the user to update existing content. |
| Content Delete | Grants permission to delete content. |
Security
| Permission | Explanation |
|---|---|
| Security View | Allows users to view security settings and data. |
| Security Create | Grants permission to create new security configurations. |
| Security Update | Allows updates to existing security configurations. |
| Security Delete | Grants permission to delete security configurations. |
Roles
| Permission | Explanation |
|---|---|
| Role View | Allows the user to view roles and their permissions. |
| Role Create | Grants permission to create new roles. |
| Role Delete | Grants permission to delete roles. |
| Role Update | Allows the user to update roles and their permissions. |
Users
| Permission | Explanation |
|---|---|
| User View | Allows the user to view information about other users. |
| User Create | Grants permission to create new users. |
| User Update | Allows the user to update existing users’ information. |
| User Delete | Grants permission to delete users. |
API
| Permission | Explanation |
|---|---|
| API View | Allows the user to view API credentials and configurations. |
| API Create | Grants permission to create new API credentials. |
| API Delete | Grants permission to delete API credentials. |
Jobs
| Permission | Explanation |
|---|---|
| Job View | Allows the user to view jobs. |
| Job Create | Grants permission to create new jobs. |
| Job Update | Allows updates to existing jobs. |
| Job Delete | Grants permission to delete jobs. |
Sites
| Permission | Explanation |
|---|---|
| Site View | Allows the user to view site-related information. |
| Site Create | Grants permission to create new sites. |
| Site Update | Allows updates to existing sites. |
| Site Delete | Grants permission to delete sites. |
| Site Action | Grants permission to perform actions on a site, such as restarting services. |
WAN
| Permission | Explanation |
|---|---|
| Wan View | Allows the user to view WAN configurations. |
| Wan Create | Grants permission to create WAN configurations. |
| Wan Update | Allows updates to WAN configurations. |
| Wan Delete | Grants permission to delete WAN configurations. |
Transient Access
| Permission | Explanation |
|---|---|
| TransientAccess View | Allows the user to view transient access information. |
| TransientAccess Create | Grants permission to create new transient access configurations. |
| TransientAccess Update | Allows updates to existing transient access configurations. |
| TransientAccess Delete | Grants permission to delete transient access configurations. |
API Credentials
| Permission | Explanation |
|---|---|
| ApiCredentials View | Allows the user to view API credentials. |
| ApiCredentials Create | Grants permission to create new API credentials. |
| ApiCredentials Update | Allows updates to existing API credentials. |
| ApiCredentials Delete | Grants permission to delete API credentials. |
Inventory
| Permission | Explanation |
|---|---|
| Inventory View | Allows the user to view inventory data. |
| Inventory Create | Grants permission to add new inventory items. |
| Inventory Update | Allows updates to existing inventory items. |
| Inventory Delete | Grants permission to delete inventory items. |
Backup
| Permission | Explanation |
|---|---|
| Backup View | Allows the user to view backup information. |
| Backup Create | Grants permission to create new backups. |
Fault
| Permission | Explanation |
|---|---|
| Fault View | Allows the user to view fault-related information. |
Schedule
| Permission | Explanation |
|---|---|
| Schedule View | Allows the user to view scheduled tasks or events. |
| Schedule Create | Grants permission to create new schedules. |
| Schedule Update | Allows updates to existing schedules. |
| Schedule Delete | Grants permission to delete schedules. |
CPF (Content Protection Framework)
| Permission | Explanation |
|---|---|
| CPF View | Allows the user to view CPF settings or reports. |
| CPF Create | Grants permission to create CPF configurations. |
| CPF Update | Allows updates to CPF configurations. |
| CPF Delete | Grants permission to delete CPF configurations. |
Scripts
| Permission | Explanation |
|---|---|
| Script View | Allows the user to view scripts. |
| Script Create | Grants permission to create new scripts. |
| Script Update | Allows updates to existing scripts. |
| Script Delete | Grants permission to delete scripts. |
| Script Run | Grants permission to execute scripts. |
| Script Authorize | Allows the user to authorize script execution. |
SLA (Service Level Agreements)
| Permission | Explanation |
|---|---|
| SLA View | Allows the user to view SLA-related information. |
| SLA Create | Grants permission to create new SLAs. |
| SLA Update | Allows updates to existing SLAs. |
| SLA Delete | Grants permission to delete SLAs. |
| SLA Run | Grants permission to execute SLAs. |
Notifications
| Permission | Explanation |
|---|---|
| Notification View | Allows the user to view notifications. |
| Notification Create | Grants permission to create new notifications. |
| Notification Update | Allows updates to existing notifications. |
| Notification Delete | Grants permission to delete notifications. |
Assigning or revoking permissions has a direct effect own hat a user can interact with in the portal. For example, if a user is only granted Content View, they won't be able to create or update content but will have read-only access.
This is also removes the button/ widget from the portal should you remove a permission group from a user.
Creating a New Role Group
Adding a new user role is easy, not only does MikroCloud provide an intuitive interface for creating users, but it also provides a plethora of ways to customize the user role, ensuring that the permissions that the user has aligns with their work.
Step 1: Navigate to the Roles & Permissions Overview Dashboard
- From your Dashboard, click on
Settings -> Roles & Permissionsin order to naviage to the user role & permissions page.
- A new page will pop up, this is the
Roles & Permissions Overviewpage, which you can use to manage all of your user permissions.
Step 2: Create a New User Role
- At the top-right of your
Roles & Permissions Overviewpage, you can click on the+ Addbutton in order to create the new user role.
- A new widget will pop up, which will allow you to enter the name for the new user role.
- Create this user role with any name you would like, for instance, you can name it NOC Team for your NOC team to manage and access your sites.
Step 3: Assign Permissions
- On the
Create New Rolepage, you can assign specific permissions for your new user role.
Select only the specific permissions that you would like to apply to the users in this role. In this example, we will be created a NOC Team User Role, which we will use to apply to our NOC users.
- Assign the permissions for the user group by ticking the boxes next to the specefied permission.
- See the permission outline as discussed above to get an understanding of what each permission's function is.
The permissions assigned in the image above is only an example, you can customize the permissions for your new role in any way you would like.
- When you have reviewed the permissions, you can continue to click on the
Add ->button at the bottom of the page, in order to create the new role.
Editing a Role Group
Editing an existing role group in MikroCloud is similar to creating a new role, with the added advantage of being able to fine-tune existing permissions without starting from scratch. This allows you to adapte to changing organizational needs quickly and easily.
Step 1: Navigate to the Roles & Permissions Overview Dashboard
- From your Dashboard, click on
Settings -> Roles & Permissionsto open the Roles & Permissions Overview page.
- On the Roles & Permissions Overview page, you will see a list of all existing user roles. Locate the role you wish to edit.
Step 2: Edit the Role
- Click on the role you want to modify, this will open the edit page.
- A new widget will pop up, allowing you to update the role's name, and assigned permissions. You can modify the role's name if needed to reflect changes in responsibilities.
Step 3: Update Permissions
- Scroll down to the permissions section of the Edit Role page. You will see all available permissions for this role, each with a checkbox next to it.
- Uncheck or check the permissions you want to remove or add any additional permissions that need to be granted.
- In the example above, we added the inventory, backup and CPF permissions to this role group.
Ensure that you review permissions carefully before making changes. Editing permissions may immediately impact user access and they they can do within the portal.
- Once you've made the necessary updates to permissions, click the
Update ->button at the bottom of the page to apply the changes.
- The system will confirm the chagnes, and the users assined to this role will have their access updated based on the new permissions.
Any changes applied will only take affect once the user(s) log out of the portal, and then log back in again.
Deleting a Role Group
If you need to remove a role group from your MikroCloud portal, follow these steps. deleting a role group will remove all associated permissionf from users who are assigned to that role.
Step 1: Navigate to the Roles & Permissions Overview Page
- From your Dashboard, click on
Settings -> Roles & Permissionsto access the roles & permissions overview page.
- On the Roles & Permissions Overview page, you will see a list of all existing role groups.
Step 2: Locate the Role Group
- Browse through the list of role groups to find the role group you wish to delete.
- Once you've located the role group, click on the 3 dots next to the role group.
Step 3: Remove the Role Group
- A list of actions will be shown.
- Click on the
Removebutton (represented with aTrashcanicon).
- A confirmation page will pop up. If you are sure that you want to delete this role group, you can click on the
Deletebutton to continue.- If you are unsure, you can click on the
Cancelbutton to go back to the overview page.
- If you are unsure, you can click on the
That's it, you have successfully removed the Role group from your MikroCloud Portal.
The role group will be removed from the system, and any users assigned to that role group will immediately lose their associated permissions.
Was this page helpful?