New Administrative Authorization Group
To create a new admin authorization group and to specify the associated admin resources.
To view this admin console page, click Security > Administrative Authorization Groups > New.
You must be logged into the admin console with cell-level AdminSecurityManager authority, or the primary admin ID can make these changes as well.
- Name
Use to identify the new admin authorization group. The name should be descriptive of the group's role, or purpose, and should be unique in the cell structure. Using a non-unique name results in an error and a failure to create the new admin authorization group. This is a required field.
- Resources
Select the resources from the Resource section to which you want the new admin authorization group to control access.
Resources that are displayed in black text are available for selection.
Resources that are displayed in grey are already members of a different administrative authorization group. Therefore, these resources are not available for inclusion in the new admin authorization group. When a resource is a member of a different authorization group, the name of the group displays next to the resource name. For example: server_1 (group_1)
The available filtering options are the following. Each option includes all the resources that are associated with that specific filtering option.
- All scopes
- The default view that displays the authorization group tree.
- Clusters
- All of the resources associated with the clusters.
- Web Servers
- All of the resources associated with the Web servers.
- Business-level applications
- All of the resources associated with the business-level applications.
- Servers
- All of the resources associated with the servers.
- Nodes
- All of the resources associated with the nodes.
- Applications
- All of the resources associated with the applications.
- Assets
- All of the resources associated with the assets.
- Node Groups
- All of the resources associated with the node groups.
- Assigned scopes
- Displays all of the scopes explicitly assigned to the current authorization group.
Related concepts
Role-based authorization
Administrative roles and naming service authorization
Related
Example: Using fine-grained security