Role Based Access Control

Acceldata Pulse ships with the following two roles:

  • Super Admin: Super Admin is a super user with permissions to all the pages and actions.
  • User: Super admin has capability to create users. A super admin can grant access to view any page and perform any actions in the UI. Super admin can restrict users from viewing any page in the user interface.

Roles Configuration

Roles can be configured only by a super admin. Consequently, the Roles icon is visible only if you log on to Acceldata as a super admin

Click from the top menu bar and select the Roles tab to configure roles. You can configure the left side navigation, actions, queues and users that a role can see while creating a role definition.The Roles page lists all the roles available in the system.

Important Definitions to remember while creating a role

  • Queues: Queues are the fundamental unit of YARN and as a super admin, you can create roles that are specific to the queues.
  • Users: While creating a role, only the selected users information can be viewed by other users with that particular role.
  • AD Mapping: Roles can be mapped to either groups or users fetched from Active Directory or users can be configured in the Acceldata platform.

To create a role, do the following:

  1. Click the Create Role button. The Create Role wizard is displayed.

  2. Specify a name for the role.

  3. Under Page Permissions, select the pages that you want the role to view in their side navigation.

    NOTE 1
    Some pages have sub topics within them which can be again individually selected. Only the selected topics in the page are displayed in the side navigation for that particular role. On selection of a page, all the topics within it will be automatically selected. Click the right pointing arrow key to view and uncheck the topics that shouldn't be visible for the role.

    NOTE 2
    For few pages, you will notice that there are options that do not exist in the side navigation. These options are nothing else but actions. For example, the Alert page in the side navigation consists of two topics i.e. Alerts and Incidents. But in the Create Role wizard, the Alerts topic has more sub options which are actions that can be performed by a user. The first action in the Alerts topic is to Create an Alert. This option can be unselected. This means that any user with this particular role, does not have permissions to create an alert and will not see the create alert button on their alert page.
  4. Select the list of Queues.

  5. Select the list of Users.

  6. Under Ad Mapping, specify a group that can be mapped to the role.

  7. Click Save.

Editing Roles

From the list of roles in the Roles page, click the name of the role you want to edit. The Edit User wizard is displayed. Make your changes and click save.

Deleting Roles

From the list of roles in the Roles page, click from the end of a Roles row and select Delete to delete the role.

User Configurations

Creating Users without LDAP

To create a user without LDAP, do the following:

  1. Click the Users tab. The Users page is displayed.

  2. Click the Create User button. The Create User wizard is displayed.

  3. Specify a User Name.

  4. Specify a Password.

  5. Specify the same password provided in the previous step in the Confirm Password location.

  6. Select a Role.

  7. Click Save.

Creating Users with LDAP

To create a user with LDAP, do the following:

  1. Click the Users tab. The Users page is displayed.

  2. Click the Create User button. The Create User wizard is displayed.

  3. Specify your LDAP user name.

  4. Check the LDAP User checkbox.

  5. Select a Role.

  6. Click Save.

Editing User details

From the list of users in the users page, click the name of the user you want to edit. The Edit User wizard is displayed. The User Name cannot be edited. If you want, you can change the password and previously selected role. Incase the user has a LDAP ID and was not selected before, you can check the LDAP checkbox. Remember to save your changes.

NOTE
The admin is also a user whose details cannot be edited but can be viewed.

Deleting Users

From the list of users in the users page, click from the end of a user row and select Delete to delete the user.

SSH Keys

SSH Keys is used by Acceldata system to login to any of the boxes in the cluster, in order to perform any maintenance activities and execute any administrative tasks that are configured in the Actions page.

Creating an SSH Key

To create an SSH key, do the following:

  1. Click the SSH Keys tab. The SSH Keys page is displayed.
  2. Click the Create SSH Key button. The Create SSH Keys page is displayed.
  3. Specify a Title for the SSH Key.
  4. Specify the same user name that was created while creating the key file.
  5. Specify the content that was created while creating the key file.
  6. Click Save.

Editing or Deleting SSH Keys

An SSH Key cannot be edited once it is created. You have to delete the key and create it again.

From the list of SSH Keys in the SSH Keys page, click from the end of a SSH Key row and select Delete to delete the SSH Key.