CMDB Roles need

VM3
Tera Contributor

Hello Experts,

I am a new bee to CMDB, and I need to setup Roles on groups so that each group can maintain their own CI classes. 

For example we have Data Center Team which takes care of all Windows, Linux, VMWare etc. 

Then we have Network Team which takes care of Routers, switches, Access points etc. 

Then we have Security Team which takes care of Firewalls etc. 

Then Database Team takes care of MSSQL server, Oracle Db etc. 

So like that I need to assign Roles to these Team so that, they can maintain CIs only they are responsible for. 

They don't see other CI types which they don't manage.

Now OOB I see following Roles, which I tried to a Test user, but I didn't get anything what I was looking for. 

Can any one please suggest, how can I achieve this requirements. 

Thanks,

Note: Please note, I need two Roles for each of these classes.

One for READ only and

Second all 4 [CRUD] Read,Write,Update,Delete 

1 ACCEPTED SOLUTION

Kieran Anson
Kilo Patron

OOB there isn't anything setup at this level of granularity.

is add a write ACL to the various cmdb_ci extended tables you'd like to restrict and set a condition whereby write access is only granted if you are a member of the group defined in the "Managed By Group" field.

Note: This would be considered a lot of work as you wouldn't want to restrict some cmdb_ci extended tables such as the outage table.

View solution in original post

2 REPLIES 2

Kieran Anson
Kilo Patron

OOB there isn't anything setup at this level of granularity.

is add a write ACL to the various cmdb_ci extended tables you'd like to restrict and set a condition whereby write access is only granted if you are a member of the group defined in the "Managed By Group" field.

Note: This would be considered a lot of work as you wouldn't want to restrict some cmdb_ci extended tables such as the outage table.

VM3
Tera Contributor

Thanks Kieran. 

I believe that is the only option to achieve the requirements. I'll present this to my Team and find out if they want to go with this option.

Thanks again.

VM