Authorizing users to access TrueSight Cloud Cost Control

You can apply role-based access control (RBAC) to TrueSight Cloud Cost Control to allow or restrict viewing and editing of data to a certain user or group of users.

Overview of the RBAC process

To configure access control, you must complete the following steps:

StepTaskResource
1Set up users and user groups in Remedy Single Sign-On.

Configuring users and user groups

2

Assign entities to users using access groups in TrueSight Capacity Optimization.

Adding and managing access groups

Default roles and user groups 

After you install the product, some user groups and users are available by default.

The following table contains details about the default roles, user groups, authorization profiles, and permissions that are created for TrueSight Cloud Cost Control. 

User roleDescription

User group (Role) in Remedy SSO

Authorization Profile in TrueSight console

Permissions in TrueSight console

Cloud Planner

Users in this group can view and analyze cloud costs across all dimensions such as cloud provider, cloud service, and so on.

The users have access to all pages in the Cloud Cost Control section. Also, the users can access all the entities (such as business services, cost pools, resources).

The users cannot perform administrative activities in the TrueSight Capacity Optimization console.


Cloud_Cost_Control

Cloud Cost Control
  • Add and Edit Budget
  • Add and Edit Budget Notification
  • Add and Edit Tags
  • Allow User Preferences
  • Edit Cloud Cost Control
  • View Cloud Cost Control - Planner perspective
  • View Tags
Cloud Consumer

Users in this group can perform limited functions and access only the following pages in the Cloud Cost Control section in the TrueSight console:

  • Budget
  • Business Services
  • Cost Pools
  • Servers
  • Cost Optimization

The users cannot perform administrative activities.

The administrative user needs to configure access groups in the TrueSight Capacity Optimization console to allow the users access to the required entities such as domains, cost pools, and resources.

Cloud_Cost_Control_Consumer

Cloud Cost Control Consumer
  • Add and Edit Budget
  • Add and Edit Budget Notification
  • View Cloud Cost Control - Consumer perspective
  • View Tags

Example: Providing user access to specific entities

You can use the default Cloud_Cost_Control_Consumer user group to grant restricted page-level access to users, and access groups in the TrueSight Capacity Optimization console to allow restricted access to specific entities such as domains, cost pools, and resources.

Refer to the following example to understand the required steps.

Scenario:

Celine is the new head of the R&D team. She needs visibility into the costs associated with the resources used by the team.

The administrator, Alan, has already created a cost pool, R&D, which includes all the resources that the R&D organization uses.

Solution:

Alan performs the following steps:

  1. In the Remedy SSO console:
    1. Add user — celine.



    2. Assign the user to the user group — Cloud_Cost_Control_Consumer.
    3. Create a new user group — R&D Managers.
      This user group will be used to manage specific access control.

    4. Assign the user to this user group (R&D Managers).

  2. In the TrueSight Capacity Optimization console:
    1. Add an access group, R&D managers, with the external name as R&D Managers (User group that you added in step 1).
    2. Configure the access group to assign access to the cost pool, R&D.


When celine user logs on to the TrueSight console, the restricted list of pages in the Cloud Cost Control section are displayed with data for the cost pool — R&D.

Was this page helpful? Yes No Submitting... Thank you

Comments