Roles and permissions
BMC Helix Operations Management leverages BMC Helix Portal to provide single sign-on authentication for users. In BMC Helix Portal , you can create and edit users and user groups, and assign any of the available permissions, such as creating, modifying, viewing, deleting, or managing objects. However, you cannot create new permissions.
Permissions for console-level and API-level access for BMC Helix Operations Management
Console-level users are tenant administrators and users that are manually created by the tenant administrator require credentials to access the BMC Helix Portal and BMC Helix Operations Management consoles.
API-level users are the users that require programmatic access to BMC Helix Portal and BMC Helix Operations Management . API users have the API key, which includes the access key (similar to a user name) and the secret key (similar to a password). The API key can be used for programmatic access to BMC Helix Portal . This key can be generated by the tenant administrator at a tenant level or by an individual user at a user level.
For more information, see
User access
.
In
BMC Helix Operations Management
, a tenant-level API user is created in the following format:
timestamp@tenantid
This user cannot be deleted. If you delete this user, a new API user is automatically created with the same format.
For information about the permissions associated with this user, see
List of permissions
.
The following table describes the permissions that are available for BMC Helix Operations Management :
| Permission | Description |
|---|---|
| core.devices.view | View devices View device details |
| core.events.view | View events and event details View event details by using cross-launch Download and export events |
| core.events.operations | View event operations Create an incident from an event Perform the following event operations:
|
| core.events.assignee_operations | View event operations Perform the following event operations:
|
| core.events.ingest | Generate and update event API |
| core.event_classes.view | View and search event class View enums |
| core.event_classes.manage | Create, edit, delete event class Create, edit, delete custom enums |
| blackout_policies.view | View the blackout policy list View blackout policy details |
| blackout_policies.manage | View the blackout policy list View blackout policy details Create, edit, delete policy details |
| event_policies.view | View and search for event policies View event policy details View and search for data tables |
| event_policies.manage | View the event policy list View the event policy details Create, edit, delete event policies View, edit, and delete data tables |
| monitor.user_preferences.manage | Edit user preferences. |
| monitor.external_entity_types.view | View external entities while adding or editing alarm policies |
| monitor.external_entity_types.view | View dynamic entities while adding or editing alarm policies |
| monitor.alarm_policies.manage | View the list of alarm policies Create, edit, and delete alarm policies |
| monitor.infrastructure_policies.view | View the list of infrastructure policies. |
| monitor.infrastructure_policies.manage | View the list of infrastructure policies. Create, edit, and delete infrastructure policies. |
| monitor.infrastructure_policies.manage_patrol_agent | |
| monitor.infrastructure_policies.manage_repo | View the list of deployable packages and installation components Create deployable packages |
Roles and permissions for BMC Helix AIOps
As a tenant administrator, you can control access to various features available with the integrated products. Use the following information for assigning permissions to roles.
Roles | Responsibilities | Permissions | ||
|---|---|---|---|---|
| Application or Service | Resource | Permission | ||
|
Note: You can assign some or all of these permissions to a custom user. | aiops | pca | view |
| services | view | |||
| situations | view | |||
| situations | manage | |||
|
| aiops | services | view |
| services | manage | |||
|
| All permissions | ||
Comments
Log in or register to comment.