Roles and permissions

BMC Helix AIOpsleverages BMC Helix Portal to provide single sign-on authentication for users.

As an administrator, you can create and edit users, user groups, and roles in BMC Helix Portal. You can assign any of the roles or permissions to users, such as creating, modifying, viewing, deleting, or managing objects in BMC Helix Portal. However, you cannot create new permissions.

As a BMC Helix Single Sign-On administrator, you can configure infinite user sessions for BMC Helix AIOps in the BMC Helix SSO Admin Console, so that your session remains active all the time. For information about how to configure this setting, see Configuring infinite user sessions.

Related topics

Product-overview

Setting up roles and permissions

The following video (2:46) provides an overview of permissions and how to assign them to roles in BMC Helix Portal:

Watch the YouTube video about Assigning permissions to user roles in BMC Helix Portal.

Consult the following table to understand the default roles available in the product and the capabilities and permissions assigned to each role.

Important

In some organizations, these responsibilities are performed by site reliability engineering team (SRE). So, you might want to assign these permissions accordingly.

Roles	Responsibilities	Permissions
Roles	Responsibilities	Application or Service	Resource	Permission
Important: In addition to the permissions listed here, by default, all users must be assigned the DSM Read Only role in BMC Helix Portal. For more information, see Setting up role-based access control.
Operator	View Services and individual service details View service predictions View and manage Situations Run and request automations Configure general settings such as setting a default landing page, enabling the dark theme for the console, or configuring the default data refresh interval for UI pages.	aiops	pca	view
			services	view
			situations	view
			situations	manage
Service Designer	View Services and service predictions Create and modify service models Create and modify service blueprints Run and request automations Enable dark theme for the BMC Helix AIOps console Important: For modeling service blueprints and services, you need additional permissions for viewing devices and groups in BMC Helix Operations Management. For more information, see Authorization profile.	aiops	services	view
Service Designer		aiops	services	manage
Tenant Administrator	Manage roles and permissions View all pages in BMC Helix AIOps Enable AIOps features Enable situations to aggregate events Create automation BMC Helix Intelligent Automation Monitor and investigate vulnerabilities	All permissions
Vulnerability Manager	View the BMC Helix AIOps overview page View top vulnerabilities, impacted services, and remediation owners View vulnerability summary and details, and generate remediation steps Assign categories to vulnerabilities by using REST API	aiops	overview	view
			services	view
			services	manage
		Automation Console	Vulnerability	Manage Scan
			Vulnerability	View
			Vulnerability	Close
			Vulnerability	Exception View
			Vulnerability	Exception Manage
			Vulnerability	Vulnerability Operation
			Vulnerability	Manage Category
			Vulnerability	Assign Category
			Security group	Manage
			Security group	View
			SLA	Manage
			SLA	View
			Tag	Manage
			Connector	Manage
			Connector	View

Roles and permissions

On this page