이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 1. Limiting access to cost management resources


You may not want users to have access to all cost data, but instead only data specific to their projects or organization. Using role-based access control, you can limit the visibility of resources involved in cost management reports. For example, you may want to restrict a user’s view to only AWS integrations, rather than the entire environment.

Role-based access control works by organizing users into groups, which can be associated with one or more roles. A role defines a permission and a set of resource definitions.

By default, a user who is not an administrator or viewer will not have access to data, but instead must be granted access to resources. Account administrators can view all data without any further role-based access control configuration.

Note

A Red Hat account user with Organization Administrator entitlements is required to configure account users on Red Hat Hybrid Cloud Console. This Red Hat login allows you to look up users, add them to groups, and to assign roles that control visibility to resources.

For more information about Red Hat account roles, see User Access Configuration Guide For Role-Based Access Control (RBAC) in the Red Hat Hybrid Cloud Console documentation..

1.1. Default user roles in cost management

You can configure custom user access roles for cost management, or assign each user a predefined role within the Red Hat Hybrid Cloud Console.

To use a default role, determine the required level of access to permit your users based on the following predefined cost management related roles:

Administrator roles

  • Organization Administrator: Can configure and manage user access and is the only user with access to cost management settings.
  • User Access Administrator: Can configure and manage user access to services hosted on Red Hat Hybrid Cloud Console.
  • Cloud Administrator: Can perform any available operation on any integration.
  • Cost Administrator: Can read and write to all resources in cost management.
  • Cost Price List Administrator: Can read and write on all cost models.

Viewer roles

  • Cost Cloud Viewer: Has read permissions on cost reports related to cloud integrations.
  • Cost OpenShift Viewer: Has read permissions on cost reports related to OpenShift integrations.
  • Cost Price List Viewer: Has read permissions on price list rates.

In addition to using these predefined roles, you can create and manage custom User Access roles with granular permissions for one or more applications in Red Hat Hybrid Cloud Console. For more information, see Adding custom User Access roles in the Red Hat Hybrid Cloud Console documentation.

1.2. Adding a role to a group

Once you have decided the correct roles for your organization, you must add your role to a group to manage and limit the scope of information that members in that group can see within cost management.

The Member tab shows all users that you can add to the group. When you add users to a group, they become members of that group. A group member inherits the roles of all other groups they belong to.

Prerequisites

  • You must be an Organization Administrator.
  • If you are not an Organization Administrator, you must be a member of a group that has the User Access Administrator role assigned to it.
Note

Only the Organization Administrator can assign the User Access Administrator role to a group.

Procedure

  1. Log in to your Red Hat organization account at Red Hat Hybrid Cloud Console.
  2. Click Settings Settings icon > Identity & Access Management to open the Red Hat Hybrid Cloud Console Settings page.
  3. In the Global navigation, click the User Access Groups.
  4. Click Create group.
  5. Follow the guided actions provided by the wizard to add a group name, roles, and members.
  6. To grant additional group access, edit the group and add additional roles.

Your new group is listed in the Groups list on the User Access screen.

Verification

  • To verify your configuration, log out of the cost management application and log back in as a user added to the group.

For more information about configuring Red Hat account roles and groups, see User Access Configuration Guide For Role-Based Access Control (RBAC) in the Red Hat Hybrid Cloud Console documentation.

Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.