Overview
Key Concepts
General
- Index
- Favorites
- User Getting Started
- General
- User Key Concepts
- Search
- User Testing and Debugging
- User Interface
Account
- Index
- Add a Group to an Organization
- Add a New Azure Cloud
- Add a New Cloud
- Add a User To a Group
- Add a User
- Add a User to a Team
- Azure Setup
- Azure
- Catalogs
- Clouds
- Cost Management
- Create a Team in an Organization
- Delete a Platform
- Deploy an Organization
- Deployment Approval Process
- Enable Access to an Assembly for a User on a Team
- Environment Profiles
- How Cost Tracking and Reporting Works
- Import and Export Catalog
- Account
- Manage OneOps User Accounts
- Notifications
- OneOps Policy Management
- Organization Summary
- Provide Only Necessary Privileges to Accounts
- Reports Summary
- Restrict Access with Teams
- Secrets Proxy
- Security Groups
- Shutdown a Cloud
- View a Reports Summary
- View, Add, or Edit Environment Profiles
- View an Organization Summary
- View Assembly and Organization Consumption with Reports
Design
- Index
- Add a Platform to a Design
- Add a Variable
- Add ELK Stack to an Application
- Add or Delete a Security Group to Open or Close an Additional Port
- Add a Team to an Assembly
- Apache HTTP Server Component
- Apache HTTP Server Pack
- Apache Tomcat Pack
- Artifact Component
- Attachments
- Variables Override Prevention
- Certificate Component
- Chocolatey Package Component
- Components
- Compute Component
- Create Assemblies to Design Applications
- Create Environment Dependency with Environment Profiles
- Daemon Component
- Design Best Practices
- Download Component
- Edit a Platform
- Enable https for a Service (LB Certs)
- File Component
- Filebeat Component
- Firewall Component
- Fully Qualified Domain Name FQDN
- Hostname Component
- Design
- Java Component
- Job Component
- Keystore Component
- Load Balancer Component
- Library Component
- Load/Extract
- Logstash Component
- Manage Assemblies
- DotNet Framework Component
- Microsoft IIS Pack
- IIS Website Component
- Microsoft SQL Server Pack
- Naming Conventions
- NuGet Package Component
- Objectstore Component
- Operating System Component
- Packs
- Platform Links
- Platforms
- Ports by Platform
- Propagation
- Security Group Component
- Secrets Client Component
- Sensuclient Component
- Set Up Multiple Ports/Protocols in Load Balancer
- Share Component
- SSH Keys Component
- Storage Component
- Telegraf Component
- Upgrade an Application Version in an Environment
- User Component
- Variables
- View Design Releases
- Volume Component
- Watching an Assembly
- Website Component
Transition
- Index
- Add CNAME in Azure DNS
- Add CNAME
- Add or Edit Primary and Secondary Clouds
- Add or Reduce Capacity
- Availability Modes
- Configure ECV Check URL on OneOps
- Create an Environment
- Delete an Environment
- Deploy Application after Design Changes
- Deploy an Application for the First Time
- Deploy Application With Database
- Deploy an Environment
- Deploy Multiple Clouds in Parallel
- Deploy and Provision an Application and Environment for the First Time
- Edit an Environment
- Email Notification Relay
- Environment Releases
- Environment
- Transition
- Remove an Unused Cloud from an Environment
- Rollback Code
- Set Variable Cloud Scaling Percentage
- Transition Best Practices
- Transition
- View Deployment Status
Operation
- Index
- Assess the Health of Applications, Platforms and Clouds
- Auto Repair
- Auto Replace
- Auto Scale
- Computes in Operation
- Control Environment
- Enable Platform to Auto Replace Unhealthy Components
- Ensure that Alerts for Production Environment are Sent to NOC
- Find a Platform VIP Name
- Grep or Search Text in Files on Computes
- Operation
- Navigation to Monitors
- Monitors
- Operations
- Operations Summary
- Set Up a Custom Action
- Take a Node out of Traffic (ECV Disable)
- Update or Upgrade New OneOps Code
Manage OneOps User accounts
Account Access Overview
OneOps administrator accounts have powerful controls that can help you customize team and individual access. By following these best practices, you can easily set up OneOps to suit your business needs.
Make customizing access within OneOps simply by creating teams within your organization. You can add users to a team at any time, and assign privileges to the team as a whole. That way you can give groups of users the same access quickly and easily.
Definitions
- User: An individual registered user to OneOps. It can be any user or a Service Account
- Group: List of users grouped together under one name.
- Team: A way to manage user access by allowing or restricting accesses and permissions
Register New User
A new user has to log into the OneOps site and accept the terms and conditions. When the user is added to the system, the user can be granted access to one or more organizations by adding the user to an existing group or team or simply adding the user without any specific team access. User once added to an organization, without team specific priviledge has read-only access to all clouds within the organization, but no access to assemblies.
About Groups
Users can also be managed using groups. A group has one or more users. Such groups can then be added to one or more teams.
- Groups can be created under user profile section /account/profile#groups
- Any number of users can be added to a group
- Add either a user or a group to teams inside organizations
- Groups can span organizations, hence the group name is unique in the system.
- Groups are self-governed by group admins regardless of organization associations.
About Teams
Team is the way to manage access control for the users.
- Teams are unique per organization
- New teams can be added to an account under an organization /
/organization/edit#teams
See Create Team
Frequently used team access scenarios
Complete Control within an Organization.
The Admin is the most powerful control and should be limited to very few associates in an organization. Admin has priviledge to add/update/delete any resource within an organization
An admin team pre-exists in all of the organizations. Add the user or group to this admin team.
Read-Only Access to all resources within an Organization
Create a team with both Manage Access and Organization Scope checked and uncheck all Cloud/Assembly permissions. Members of this team have read-only access to the complete organization.
Ability to Create Assembly and Cloud without any DTO Permissions
Create a team with Manage Access checked only. Members of this team are only able to create a new assembly or cloud without the ability to add platforms/environments to the assembly or cloud services to the cloud.
Ability to Manage an Assembly
Create a team with Assembly Permissions checked (all DTO). Add this team to the assembly where members are required management access
Ability to Create and Manage an Assembly
Create a team with Manage Access checked along with Assembly permissions. Members of this team have rights to create and manage their assemblies.
Ability to Approve Deployments
Create a team with Organization Scope checked along with compliance or support permission as required. Add a Support/Compliance object to the clouds which would require deployment approval from this team members to proceed.
