Default user roles and permissions
BMC Helix Continuous Optimization uses the default user roles in BMC Helix Portal to manage access to various functionality.
Each role has default permissions that are assigned to it. You cannot edit the default user roles. You can create custom roles and assign permissions. For details, see Roles and permissions .
All permissions in BMC Helix Continuous Optimization are part of the capacity_optimization application. The objects to which you want to provide permissions are grouped as Resources. The following table lists the default user roles and permissions in BMC Helix Continuous Optimization. For details about the permissions in a resource group, see Permissions available for a resource.
Role | Description | Resource and Permissions |
---|---|---|
Capacity Administrator | Users in this group have access to to all the sections in BMC Helix Continuous Optimization. They can perform all the administrative activities. | Has all the permissions in the following resource groups: capacity_optimization application:
|
Capacity Planner | Users in this group can perform all activities related to capacity planning. The users in this group have access to Views and the Workspace section. In the Administration section, they can edit and view the optimizer rules. | Has all the permissions in the following resource groups: capacity_optimization application:
Has specific permissions in the following resource groups:
|
Capacity Operator | Users in this group can access the Views section. The users cannot perform administrative activities such as creating custom views. | Has specific permissions in the following resource groups: capacity_optimization application:
|
Capacity ETL Client | Users in this group can ingest data. The API user should be assigned the Capacity ETL Client role to install the Remote ETL Engine. | Has specific permissions in the following resource groups: capacity_optimization application:
|
Cloud Planner | Users in this group can define the on-premise cost and migration strategy, simulate the migration, and view the Views section. The users cannot perform administrative activities such as creating custom views. The Cloud Planner role is available only if you have installed Migration Simulation. | Has specific permissions in the following resource groups: capacity_optimization application:
|
If you want to create and edit Events you must explicitly provide the following permissions to the core application and the events resource. To use events, along with the default permissions, you need to provide the following permissions to the user roles. For details about the permissions in a resource group, see Permissions available for a resource.
Role | Resource and Permissions |
---|---|
Capacity Administrator | Has all the permissions in the following resource group: core application:
|
Capacity Planner | Has all the permissions in the following resource group: core application:
|
Capacity Operator | Has specific permissions in the following resource group: core application:
|
Capacity ETL Client | Has specific permissions in the following resource group: core application:
|
Cloud Planner | Has specific permissions in the following resource group: core application:
|
User groups in the Single Sign-On console are associated with the corresponding roles in BMC Helix Continuous Optimization.
Permissions available for a resource
The following image displays the out-of-the-box permissions in BMC Helix Continuous Optimization:
This table describes the default permissions that are available when you add a new role. All permissions in the following table are part of the capacity_optimization application. To learn how to add permissions to a role, see Setting up roles and permissions .
Resource | Permissions | Description |
---|---|---|
admin | access_all_entities | Add, edit, and delete domains, systems, and business drivers. |
auth_profile_edit | Edit authorization profiles from the Administration tab. | |
admin_section_edit |
| |
admin_section_read | View the Data Warehouse and System sections in the Administration tab. | |
benchmarks_edit | Edit the Benchmarks data in the Administration tab. | |
etls_read | View the ETL logs and ETL run history. | |
general_manager_edit | Add, edit, and delete Gateway Servers and Agent Lists in the Gateway Manager section of Administration tab. | |
general_manager_read | View the Gateway Servers, Agent Lists, and Manager runs. | |
optimizer_rule_edit |
| |
optimizer_rule_read |
| |
tasks_edit | Add, edit, run, and delete System Tasks and ETL tasks in the ETL & System Tasks section in the Administration tab. | |
tasks_read | View System Tasks in the ETL & System Tasks section in the Administration tab. | |
user_accounts_edit | Manage authorization profiles in the Administration tab. | |
analysis | edit | Create and edit analysis in the Workspace tab. |
read | View analysis in the Works folder. | |
save_template |
| |
api | agent_data_read | Access and view the Agent Data API. For details, see Agent Data API. |
dashboard_views_edit | Edit the Dashboard Views API. | |
dashboard_views_read | Access and view the Dashboard Views API. | |
data_provider_read | Access and view the Data Provider API. For details, see Data Provider API. | |
capacity_views | edit |
|
read | View all capacity views (out-of-the-box and custom views). | |
tags_edit |
| |
tags_read | View tags on resources. | |
migration_simulation | edit | Manage the settings in Migration Simulation. |
read | View the budget notifications in Migration Simulation. | |
custom_etl | edit | Edit a custom ETL. |
data_ingestion | edit | Used by the Capacity ETL Client role to ingest data. |
domains | edit | Add, edit, and delete domains, systems, and business drivers. |
edit_admin_domains | Access all the systems and business driver nodes for inactive, dismissed, or newly discovered entities. | |
read | View active systems and business drivers associated to one or more domains. | |
events | edit | Add and edit events from the Events page in the domain. |
read | View the events from the Events page in the domain. | |
models | edit | Add, edit, and delete models. |
read | View models saved in the Works folder. | |
reports | edit | Add, edit, and delete reports. |
global_reports_edit | View the report templates available to users. | |
read | View reports saved in the Works folder. | |
time_filters | edit | Add, delete, copy, or move global filters in the Workspace tab. |
whatif_simulation | edit | Create, edit, delete, and run a What-if simulation. |
read | View the results of a What-if simulation. |
The table describes the additional permissions that are required to use events. All permissions in the following table are part of the core application. To learn how to add permissions to a role, see Setting up roles and permissions .
Resource | Permissions | Description |
---|---|---|
events | view | View the events from the Events page in the domain. |
operations | Controls the closing of events on the backend. | |
assignee_operations | Used to move events on the backend. | |
ingest | Add and edit events from the Events page in the domain. |
Comments
Log in or register to comment.