This documentation supports the 21.3 and consecutive patch versions of BMC Helix Multi-Cloud Broker.

To view an earlier version, select the version from the Product version menu.

Assigning roles and permissions

BMC Helix Multi-Cloud Broker provides out-of-the-box functional roles that administrators can assign to their users. A functional role is a collection of multiple application roles and enables users to access different applications and perform various actions. As an administrator, you assign the functional roles and associated permissions only to users who need to configure and manage BMC Helix Multi-Cloud Broker; for example configuring the system, creating and managing data, setting up integrations.

The following image illustrates an example of a functional role:


The following table lists the out-of-the-box functional roles:

Functional roleCore taskOut-of-the-box permissions
Multi-Cloud Service Admin

Perform administrative tasks such as configuring BMC Helix Multi-Cloud Broker, adding and managing user data, managing integration templates.

Ticket Brokering Library permission

  • Multi-Cloud Service Admin

Remedy AR System permission

  • AR System Administrator

BMC Helix Innovation Suite Foundation library permissions:

  • AR Foundation Organization Read
  • AR Foundation Categorization Read
  • AR Foundation Location Read
  • AR Foundation Person Read
  • AR Foundation Geography Read

Service Level Management (SLM) library permission:

  • SLM Admin
Multi-Cloud Service Owner

View data in BMC Helix Multi-Cloud Broker and track the health of a service by using the Service Dashboard.

Ticket Brokering Library permission:

  • Multi-Cloud Service Owner

BMC Helix Innovation Suite Foundation library permissions:

  • AR Foundation Organization Read
  • AR Foundation Categorization Read
  • AR Foundation Location Read
  • AR Foundation Person Read
  • AR Foundation Geography Read

Service Level Management (SLM) library permission:

  • SLM User

Task 1: To create a people record

For a new user, you need to create a people record in Mid Tier that contains the user details; for example, contact information, support staff, access credentials.

You can create a people record by using a template or without using a template. For more information, see any of the following topics:

  • Adding People by using a template
  • Adding people without using templates

Important

When you create a people record, in the Login/Access Details section, in the License Type field, make sure you select Fixed, as shown in the following image:

After you complete the steps, you can view the details of the user you created in the User form in Mid Tier.

To view the user details

The following image shows the steps to navigate to the User form in Mid Tier:

After you search for the user, Mid Tier displays the user details as shown in the following image:

After you search for a user, the user details are displayed in the User form.

Task 2: To assign an out-of-the-box functional role to a user

After you create the user, assign one of the out-of-the-box functional roles to the user.

To do this, perform the following steps:

  1. Log in to Mid Tier.

  2. Select Applications > Administrator Console > Application Administration Console:

  3. Click the Custom Configuration tab.

  4. In Application Settings, select Foundation > People > People and click Open.

  5. In the People form, click New Search.

  6. By using any of the fields displayed, search for the person to whom you want to assign the functional role and click Search.
    For example, search for a person by using the First Name field as shown in the following image:

  7. Select Login/Access Details > IS Personas.

  8. In the Login ID field, enter the ID for the selected person record.

  9. Click Update Personas

  10. In the IS Personas form, enter the following details:

    Field

    Action

    Application Name

    From the list, select com.bmc.dsm.ticket-brokering-lib.

    IS Persona

    From the list, select any of the following roles:

    • Multi-Cloud Service Admin
    • Multi-Cloud Service Owner

  11. Click Add/Modify .

  12. Click  Close and then click  Save.


Important

If the user that you are creating is responsible to set up integrations, perform Task 3 and Task 4.


Task 3: To assign an application permission

If the user you have created is responsible to set up and manage integrations, assign an application permission relevant to that integration to the user. For example, if the user needs to set up an integration between BMC Helix ITSM incident and Jira issue, the user needs incident-specific permission to create incidents in BMC Helix ITSM.

To assign the permission, perform the following steps:

  1. After you have assigned a functional role in the previous procedure, in the People form, click the Application Permission tab.

  2. Click Update Permission Groups.

  3. In the Permission Group dialog box, from the Permission Group list, select a group based on the type of integration user needs to set up.

    After you select a permission group, the text box below the License Type field provides a description of the permission group. For example, if you select Incident Master, the text box provides a description as shown in the following image:

  4. If required, select the License Type as Fixed.

  5. Click Add/Modify.

  6. Click Close and then click Save.

Task 4: To provide access to a bundle

After you assign an application permission to the user, provide user the access to different bundles that BMC Helix Multi-Cloud Broker depends on. This access enables users to perform various activities related to those bundles; for example, receiving notifications, adding attachments to BMC Helix ITSM tickets.

To provide the bundle access, perform the following steps:

  1. After you have assigned an application permission in the previous procedure, in the People form, click the IS Bundle Access tab. 
  2. Click Update IS Bundle Access.
  3. In the IS Bundle Access pane, from the Bundle Access list, select the following bundles one by one and then click Add/Modify:
    • com.bmc.dsm.attachment-service-lib
    • com.bmc.dsm.flowsets-lib
    • com.bmc.dsm.mcsm
    • com.bmc.dsm.notification-lib
    • com.bmc.dsm.risk-management-service-lib
    • com.bmc.dsm.search-lib
    • com.bmc.dsm.shared-components-lib
    • com.bmc.dsm.shared-services-lib
    • com.bmc.dsm.slm-lib
    • com.bmc.dsm.social-lib
    • com.bmc.dsm.ticket-brokering-lib
    • com.bmc.dsm.ticketing-lib
  4. Click Close and then click Save.

To view out-of-the-box roles and permissions

You can view the out-of-the-box roles and permissions that BMC Helix Multi-Cloud Broker provides in BMC Helix Innovation Studio.

To do this, perform the following steps:

  1. Log in to BMC Helix Innovation Studio.
  2. Click the Administration tab.
  3. Select Server settings > Application permissions and click Functional roles or Role permissions.

    Option clickedType of information displayed
    Functional role

    Details about the functional role and a list of associated roles.

    Role permissions

    Permission details for the role.

Licensing

Licensing BMC Helix Multi-Cloud Broker enables organizations to:

  • Control access to their application

  • Protect their intellectual property

  • Reduce management costs, and adhere to their compliance policies

When BMC provisions BMC Helix Multi-Cloud Broker for a customer, BMC SaaS Operations licenses the BMC Helix Multi-Cloud Broker application.

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Himanshu Choudhary

    Section - To assign BMC Helix Multi-Cloud Broker user permissions (Step 3)

    I cannot find "Foundation Data" in converged platform (21.x). How to assign BMC Helix Multi-Cloud Broker user permissions within Innovation Studio 21.x?

    Aug 25, 2022 08:36
    1. Anushree Chavan

      Hello Himanshu!

      Thank you, for your comment. We'll look into this and get back to you.

      Regards,

      Anushree

      Sep 27, 2022 03:48
    1. Anushree Chavan

      Hello Himanshu!

      We have updated the content.

      Regards,

      Anushree

      Oct 19, 2022 02:00