This is Mark Brandon with Qbox. And, in this video, we are going to walk through the new role based access control. This feature allows users to share the infrastructure dashboard with other users in their organization, allowing multiple users to provision resources, or to modify resources, troubleshoot problems, access bills, invite other users or cancel the account.
Interaction with the RBAC feature is possible via Qbox UI and Qbox API, making it easy for administrators to assign roles dynamically via their favorite REST API and HTTP clients. So let’s get started.
To create a new user from your dashboard homepage, go to account and either users or add user, I’m going to select users. You can see that I, as the person who signed up, am the account owner and default admin, this is the highest level of control. This user has accepted Terms of Service and controls the other users. (Note: if you are an existing account owner, or your account owner has left your organization and you want to change the account owner, fill out a support ticket as this step requires a few verification steps.)
Now at this moment, our RBAC has four user roles: the account owner, an administrator, an operator, and billing. Here is a basic table of the permissions that each role is granted, the billing role is able to see and receive bills but the operator is not. Conversely, the operator is able to view and perform cluster operations, which is invisible to the billing role. Neither the operator nor the billing role can create new users.
Now I am logged in as an operator, I can perform cluster operations, but no billing operations are visible to me. On my screen now, I am logged in as a billing user. I can see the bills but no option to create or manage a cluster.
So that’s it! We hope this feature makes life simpler for you. Check out our tutorials at qbox.io/tutorials and thanks for being a customer. This has been Mark Brandon with Qbox.