Assigning roles and permissions
BMC Helix Multi-Cloud Broker provides out-of-the-box functional roles that administrators can assign to their users. A functional role is a collection of multiple application roles and enables users to access different applications and perform various actions. As an administrator, you assign the functional roles and associated permissions only to users who need to configure and manage BMC Helix Multi-Cloud Broker; for example configuring the system, creating and managing data, setting up integrations.
The following image illustrates an example of a functional role:
The following table lists the out-of-the-box functional roles:
Functional role | Core task | Out-of-the-box permissions |
---|---|---|
Multi-Cloud Service Admin | Perform administrative tasks such as configuring BMC Helix Multi-Cloud Broker, adding and managing user data, managing integration templates. | Ticket Brokering Library permission
Remedy AR System permission
BMC Helix Innovation Suite Foundation library permissions:
Service Level Management (SLM) library permission:
|
Multi-Cloud Service Owner | View data in BMC Helix Multi-Cloud Broker and track the health of a service by using the Service Dashboard. | Ticket Brokering Library permission:
BMC Helix Innovation Suite Foundation library permissions:
Service Level Management (SLM) library permission:
|
Task 1: To create a people record
For a new user, you need to create a people record in Mid Tier that contains the user details; for example, contact information, support staff, access credentials.
You can create a people record by using a template or without using a template. For more information, see any of the following topics:
Important
When you create a people record, in the Login/Access Details section, in the License Type field, make sure you select Fixed, as shown in the following image:
After you complete the steps, you can view the details of the user you created in the User form in Mid Tier.
To view the user details
The following image shows the steps to navigate to the User form in Mid Tier:
After you search for the user, Mid Tier displays the user details as shown in the following image:
Task 2: To assign an out-of-the-box functional role to a user
After you create the user, assign one of the out-of-the-box functional roles to the user.
To do this, perform the following steps:
Log in to Mid Tier.
Select Applications > Administrator Console > Application Administration Console:
Click the Custom Configuration tab.
In Application Settings, select Foundation > People > People and click Open.
In the People form, click New Search.
By using any of the fields displayed, search for the person to whom you want to assign the functional role and click Search.
For example, search for a person by using the First Name field as shown in the following image:Select Login/Access Details > IS Personas.
In the Login ID field, enter the ID for the selected person record.
Click Update Personas.
In the IS Personas form, enter the following details:
Field
Action
Application Name
From the list, select com.bmc.dsm.ticket-brokering-lib.
IS Persona
From the list, select any of the following roles:
- Multi-Cloud Service Admin
- Multi-Cloud Service Owner
Click Add/Modify .
Click Close and then click Save.
Important
If the user that you are creating is responsible to set up integrations, perform Task 3 and Task 4.
Task 3: To assign an application permission
If the user you have created is responsible to set up and manage integrations, assign an application permission relevant to that integration to the user. For example, if the user needs to set up an integration between BMC Helix ITSM incident and Jira issue, the user needs incident-specific permission to create incidents in BMC Helix ITSM.
To assign the permission, perform the following steps:
After you have assigned a functional role in the previous procedure, in the People form, click the Application Permission tab.
Click Update Permission Groups.
In the Permission Group dialog box, from the Permission Group list, select a group based on the type of integration user needs to set up.
After you select a permission group, the text box below the License Type field provides a description of the permission group. For example, if you select Incident Master, the text box provides a description as shown in the following image:If required, select the License Type as Fixed.
Click Add/Modify.
Click Close and then click Save.
Task 4: To provide access to a bundle
After you assign an application permission to the user, provide user the access to different bundles that BMC Helix Multi-Cloud Broker depends on. This access enables users to perform various activities related to those bundles; for example, receiving notifications, adding attachments to BMC Helix ITSM tickets.
To provide the bundle access, perform the following steps:
- After you have assigned an application permission in the previous procedure, in the People form, click the IS Bundle Access tab.
- Click Update IS Bundle Access.
- In the IS Bundle Access pane, from the Bundle Access list, select the following bundles one by one and then click Add/Modify:
- com.bmc.dsm.attachment-service-lib
- com.bmc.dsm.flowsets-lib
- com.bmc.dsm.mcsm
- com.bmc.dsm.notification-lib
- com.bmc.dsm.risk-management-service-lib
- com.bmc.dsm.search-lib
- com.bmc.dsm.shared-components-lib
- com.bmc.dsm.shared-services-lib
- com.bmc.dsm.slm-lib
- com.bmc.dsm.social-lib
- com.bmc.dsm.ticket-brokering-lib
- com.bmc.dsm.ticketing-lib
- Click Close and then click Save.
To view out-of-the-box roles and permissions
You can view the out-of-the-box roles and permissions that BMC Helix Multi-Cloud Broker provides in BMC Helix Innovation Studio.
To do this, perform the following steps:
- Log in to BMC Helix Innovation Studio.
- Click the Administration tab.
Select Server settings > Application permissions and click Functional roles or Role permissions.
Option clicked Type of information displayed Functional role Details about the functional role and a list of associated roles.
Role permissions Permission details for the role.
Licensing
Licensing BMC Helix Multi-Cloud Broker enables organizations to:
Control access to their application
Protect their intellectual property
Reduce management costs, and adhere to their compliance policies
When BMC provisions BMC Helix Multi-Cloud Broker for a customer, BMC SaaS Operations licenses the BMC Helix Multi-Cloud Broker application.
Comments
Section - To assign BMC Helix Multi-Cloud Broker user permissions (Step 3)
I cannot find "Foundation Data" in converged platform (21.x). How to assign BMC Helix Multi-Cloud Broker user permissions within Innovation Studio 21.x?
Hello Himanshu!
Thank you, for your comment. We'll look into this and get back to you.
Regards,
Anushree
Hello Himanshu!
We have updated the content.
Regards,
Anushree
Log in or register to comment.