Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DOC and version 7.4.0-7.4.6

...

Info

Keep in mind when working with individual Resource permissions that tasks which require moving entities (zones, IPAM blocks, attaching servers, etc) from one resource to another, require the user to have permissions on both the originating Resource and the destination Resource.

Thus, moving IP blocks from "6connect Labz6thStreet Labs" to "7connect 7thStreet Labs" requires the user to have IPAM and Resource permissions on both Lab resources.

Similarly, attaching a DNS server to a DNS Group requires Resource permissions on both the DNS Group and the intended DNS server to attach.

Here, we show making a group called "Some Lab Group", whose users we want to be able to access two resources: 6connect Labz 6thStreet Labs and 7connect 7thStreet Labs.

These users will be working extensively in IPAM and Resources, so we give them full access to those areas of ProVision.

Image Modified

However, we also want them to view other information in Peering and Users, but not edit it.

...

Lastly, hit "Save" to save our changes. 

Image Modified

Details on each resource permission option is as follows:

Resource PermissionDescription
CreateAbility to create records of a certain type
ReadAbility to read records of a certain type
UpdateAbility to update existing records of a certain type
DeleteAbility to delete records of a certain type
Functional AreaDescription

IPAM

IP Address Management functionality - this covers the IPAM Tab in addition to the IPAM "Gadget" that can be present in Resources.
PeerPeering functionality - covers the Peering Tab, both the Communication Manager and the Session Manager.
ResourceResource functionality - this controls access for Resources depending on either the TLR or the individual Resource(s) selected. DNS zones, records, and servers are included as "Resources".
UserUser/Group management - this controls access for User and Group functions within the administrative area for ProVision.
SWIP*This affects the SWIP/RPSL integration for ARIN/RIPE. This way a user can either be enabled to have this capability or not.
Admin*This controls whether a user is a administrator for the global ProVision application.
Info
title*

SWIP and Admin functions are only visible when Show Details is selected

...