红帽全球峰会此内容没有您所选择的语言版本。
Chapter 1. Overview of Red Hat Lightspeed advisor service assessment and monitoring
Use the advisor service to assess and monitor the health of your Red Hat Enterprise Linux (RHEL) infrastructure. Whether you are concerned with individual or groups of systems, or with your whole infrastructure, be aware of the exposure of your systems to configuration issues that can affect availability, stability, performance, and security.
After installing and registering the Red Hat Lightspeed client, the client runs daily to check systems against a database of Recommendations, which are sets of conditions that can leave your RHEL systems at risk. Your data is then uploaded to the Operations > Advisor > Recommendations page where you can perform the following actions:
- See all of the recommendations for your entire RHEL infrastructure.
- Use robust filtering capabilities to refine your results to those recommendations, systems, groups, or workloads that are of greatest concern to you, including SAP workloads, Satellite host collections, and custom tags.
- Learn more about individual recommendations, details about the risks they present, and get resolutions tailored to your individual systems.
- Share results with other stakeholders. For more information, see Generating advisor service reports with FedRAMP.
- Create and manage remediation plans to fix issues right from the Red Hat Lightspeed application. For more information, see Red Hat Lightspeed remediations guide with FedRAMP.
User Access is the Red Hat implementation of role-based access control (RBAC). Your Organization Administrator uses User Access to configure what users can see and do on the Red Hat Hybrid Cloud Console (the console):
- Control user access by organizing roles instead of assigning permissions individually to users.
- Create groups that include roles and their corresponding permissions.
- Assign users to these groups, allowing them to inherit the permissions associated with their group’s roles.
All users on your account have access to most of the data in Red Hat Lightspeed.
1.1.1. Predefined User Access groups and roles
To make groups and roles easier to manage, Red Hat provides two predefined groups and a set of predefined roles:
Predefined groups
The Default access group contains all users in your organization. Many predefined roles are assigned to this group. It is automatically updated by Red Hat.
NoteIf the Organization Administrator makes changes to the Default access group its name changes to Custom default access group and it is no longer updated by Red Hat.
The Default admin access group contains only users who have Organization Administrator permissions. This group is automatically maintained and users and roles in this group cannot be changed.
On the Hybrid Cloud Console navigate to Red Hat Hybrid Cloud Console > the Settings icon (⚙) > Identity & Access Management > User Access > Groups to see the current groups in your account. This view is limited to the Organization Administrator.
Predefined roles assigned to groups
The Default access group contains many of the predefined roles. Because all users in your organization are members of the Default access group, they inherit all permissions assigned to that group.
The Default admin access group includes many (but not all) predefined roles that provide update and delete permissions. The roles in this group usually include administrator in their name.
On the Hybrid Cloud Console navigate to Red Hat Hybrid Cloud Console > the Settings icon (⚙) > Identity & Access Management > User Access > Roles to see the current roles in your account. You can see how many groups each role is assigned to. This view is limited to the Organization Administrator.
1.1.2. Access permissions
The Prerequisites for each procedure list which predefined role provides the permissions you must have. As a user, you can navigate to Red Hat Hybrid Cloud Console > the Settings icon (⚙) > My User Access to view the roles and application permissions currently inherited by you.
If you try to access Red Hat Lightspeed features and see a message that you do not have permission to perform this action, you must obtain additional permissions. The Organization Administrator or the User Access administrator for your organization configures those permissions.
Additional resources
For more information about user access and permissions, see User Access configuration guide for role-based access control (RBAC) with FedRAMP.
1.1.3. User Access roles for advisor service users
The following roles enable standard or enhanced access to remediations features in Red Hat Lightspeed:
- RHEL Advisor administrator. Perform any available operation against any Red Hat Lightspeed advisor-service resource.
- RHEL Advisor viewer. Be able to read advisor data.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}