MAS supports many RBA scenarios. Let us take a look at one of the use cases:
• Assume that some administrators have been assigned the task of application monitoring wherein they are required to enable/disable services. These administrators are not required to get access to any of the other modules which relate to use cases around infrastructure management, analytics, etc.
MAS can support such RBA scenarios by restricting administrator view to application module only. Furthermore MAS can also restrict access to only a specific set of Applications
Configuration Steps from MAS GUI:
1. Navigate to System -> User Authentication -> Group and create a group/ select the group to which you wish to apply the RBA settings. Ensure that all the administrators whose access you wish to restrict are a part of this group and then click on ‘Next’ button.
2: Here check the ‘allow access to Application Monitoring only’ box. This will restrict access to Application module only.
3: Furthermore, you can also restrict access to a specific subset of applications/virtual servers. Uncheck the ‘All Applications’ box and click on ‘Add virtual servers’ to selectively pick the virtual servers to which you want to grant access. After this, click ‘Finish’.
Once these configuration settings are complete, the administrators belonging to this group will have restricted access after login. Their view will be limited to Application module only and narrowed down to a limited set of applications as defined in RBA settings. Below screenshots show the view of super administrator as compared to the view of the administrator.
Screenshot: Super-administrator’s view
Screenshot: Administrator’s’s view (as per defined RBA settings)