[Index]
Tip
Use the Action search to navigate Automate
Overview
Provider administrators can manage the roles that are available for administrators, operators, and users at lower levels in the hierarchy.
Note
You cannot change your own role.
Edit a role
To edit an existing role:
Note
If hierarchy node types are removed from the Hierarchies Allowed list while users or Site Defaults reference this node type, then the update cannot be saved. The transaction Message shows:
"Cannot update Role. Some User(s) or Site Defaults exist with the hierarchy rules defined in this role."
Add a role
To add a new role:
Log in as provider administrator.
Go to the Role Management.
Click Add.
Fill out details and hierarchy rules for the role:
| Setting | Description |
|---|---|
| Name | Mandatory. The name of the role. |
| Description | Description of the role. |
| Access Profiles | Mandatory. Specifies permissions for resources. |
| Menu Layout | Mandatory. Controls navigation and available actions. |
| Dashboard | Mandatory. Defines the landing page and widgets shown after login. |
| Interface | Indicates whether the role applies to the Administration or Self-service interface. |
| Theme | Controls the visual appearance of the interface. |
| Self Service Links | Provide useful links to Self-service end users. |
| Permitted Hierarchy Types | Hierarchy rules define the hierarchies where this role can be assigned. Where a user is at a specific hierarchy, available roles will then include all roles that include that specific hierarchy in the Hierarchies Allowed list. Refer to the Hierarchies Allowed List Impact below. When the role is saved, the selected Hierarchy Type is added to the Hierarchies Allowed list if it is not included. |
Click Save to add the role.
Hierarchies Allowed List Impact
The following areas in the system are impacted by list entries available in the Hierarchies Allowed List of a role:
Microsoft-only role
Starting with version 21.3-PB1, Automate ships with a Microsoft-only role (MicrosoftOnlyRole) and accompanying role-based access control elements, which are predefined for a Microsoft-only user interface experience. These elements include predefined field display policies, dashboards (MicrosoftOnlyDashboard), and menus (MicrosoftOnlyMenu). Installing these templates provides the baseline for a Microsoft-only version of Automate, and hides non-Microsoft GUI elements, such as the FDPs, menus, and dashboards reflecting functionality used for managing Cisco devices.
To use the MicrosoftOnlyRole in Automate:
Log in to Automate as hscadmin.
Go to the Roles page.
Locate MicrosoftOnlyRole in the list view.
Select the role in the list (or click on the role to open it).
Note
This role ships with a standard access profile and a predefined menu layout and dashboard.
Click Export to export the role to a JSON file, and save the file to your local computer.
Edit the JSON file to specify the hierarchy where you want to use the role.
Go to the Import page.
Browse to the location you saved the JSON file, then click Import.
Go to the Role Management list view to verify that the role now exists also at the hierarchy you specified.
At the hierarchy where you wish to assign the role to a user (Provider or Customer), go to the Admins page. Choose a user (or add a user), then on the User Details tab, from the Role field, choose the role (MicrosoftOnlyRole) you imported to this level, and save your change.
A User Role is a combination of Configuration Templates and Field Display Policies that apply to all the Data-, Device- and Domain Models available in the system. When a User Role is created, a Configuration Template and Field Display Policy can be selected as defaults that apply to each available model. The User Role can also be associated with a Menu Layout, Theme and an Access Profile that specifies create, read, update and delete permissions on each model. When a user is created or updated, a User Role can be selected for the user. This means that the user will by default have the menu, relevant permissions, Configuration Template defaults and settings as well as Field Display Policy views applied when using the relevant model. More than one user can have the same User Role assigned. User Roles provide a means to manage users that are logged in on the system.
| Title | Description | Details | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Name * | The name that is given to the Role. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Description | A description for the Role. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Interface * | The selected Interface that is associated with the Role. The interface can be an Administration or Self Service. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Access Profile * | The selected Access Profile that is associated with the Role. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Menu Layout | The selected Menu Layout that is associated with the Role. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Dashboard | The selected Dashboard that is associated with the Role. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Theme | The selected Theme that is associated with the Role. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Landing Page | Landing page for user |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Self Service Links | Provide useful links to Self Service end users |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Self Service Feature Display Policy | Self Service Feature Display Policy |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Rules |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Permitted Hierarchy Types | Hierarchy Types that this Role can be added under. If no hierarchy types are specified, the role can be added under any non-sys hierarchy type. |
|
|||||||||||||||||||||||||||||||||||||||||||||||