Assign roles to AWS users of Cloud Provisioning and Governance
You assign Cloud Provisioning and Governance roles to user groups and to individual users based on user activities and responsibilities.
始める前に
手順
Assign the following roles to groups and users as appropriate:
| Descriptive name and role name |
Description and tasks | Access rights in Cloud Provisioning and Governance |
|---|---|---|
| Root administrator
|
Highest level of application access for Cloud Provisioning and Governance. | All |
| Cloud administrator
|
Configures the Cloud Provisioning and Governance application and sets up the cloud infrastructure. | Cloud infrastructure: Service accounts and cloud account Networks and IPAM Settings for provider services that auto-update
the CMDB:
|
| Governor
|
Monitors overall cloud usage and enforces compliance of the organization's rules, quotas, and policies. Also manages tags and permissions to various objects. | Governance:
|
| Service Designer
|
Creates blueprints, ARM and CloudFormation templates, and catalog items. | Cloud Service Design:
|
| Cloud user
|
Requests and manages stacks and resources. | Cloud User Portal. When you assign the role to a group, all members of the group share quota limitations and ownership of certain resources. You can access all the task records, assigned to you or otherwise, if you have the cloud service user role. |
| Cloud operator
|
Monitors and troubleshoots the Cloud Provisioning and Governance application. | Dashboards and reports:
|
| Cloud Event
Integration
注: Not
supported by IBM Cloud Connector. |
Authorizes access to the instance for external services that auto-update the CMDB when cloud events occur. This role gives the access to the cloud event REST endpoint. | Cloud infrastructure:
Settings for provider services that auto-update the CMDB:
|
| Cloud Group
administrator
|
Grants admin access to any group that you belong to. |