RBAC access to report data
By default, all users that can log in to TrueSight Server Automation - Data Warehouse have access (What kind of access ? read ? they can run the report ? they can edit it ? delete it ?) to the folders and built-in report definitions.
Role definitions in the TrueSight Server Automation role-based access control (RBAC) system control access to the data in reports by controlling access to the TrueSight Server Automation jobs and servers that are associated with the reports data. TrueSight Server Automation RBAC determines the data that appears in domain reports, as shown in the following table.
Role definitions in domains
Domain | Role-based access control (Server-based) | Role-based access control (Job-based) |
---|---|---|
Audit | Yes | Yes |
Command Usage | Yes | No |
Compliance | Yes | Yes |
Inventory | Yes | No |
Job Activity | Yes | Yes |
Patch | Yes | Yes |
Provisioning | Yes | Yes |
RBAC | NA | NA |
Note: Update RBAC data
If you make RBAC changes in TrueSight Server Automation - Data Warehouse, ensure that you run an ETL to update the reports data warehouse with these changes as soon as possible.
Roles and report access in multi-site environments
In multi-site deployments of TrueSight Server Automation - Data Warehouse, one TrueSight Server Automation - Data Warehouse database is identified as the primary site. A primary site reporting user with the GlobalReportAdmins role has authorizations to see report data for all the sites. Other reporting users have access to view data only for their site.
Before the first ETL run, ensure that you assign the GlobalReportAdmins role to a primary site reporting user.
Comments
Log in or register to comment.