on Nov 7, 2017In the Services Security view Settings tab, Administrators can enable and configure system roles that define permissions on a per meta key basis for individual Brokers, Concentrators, Network Decoders, and Log Decoders. Configuring this feature adds configurable meta keys to the Services Security view > Roles tab so that individual meta keys can be applied to specific roles on a specific service. The following figure illustrates this.
This configuration is generally part of a data privacy plan implemented to ensure that specific types of content consumed or aggregated by a service are kept secure by limiting visibility of the metadata and content to privileged users. See the Data Privacy Management Guide for more information.
Workflow
What do you want to do?
| User Role | I want to... | Documentation |
|---|---|---|
| Administrator | set up a host. | |
| Administrator | maintain a host. | Maintaining Hosts |
| Administrator | maintain a service. | |
| Administrator | enable and configure system roles that define permissions on a per meta key basis for individual Brokers, Concentrators, Network Decoders, and Log Decoders.* | See the System Security and User Management Guide for more information. |
* You can perform these tasks in the current view.
Related Topics
Quick Look
The Settings tab includes two features.
| Feature | Description |
|---|---|
| SDK Meta Role Permissions field | Provides option for disabling or configuring meta key and content restrictions. The filtering options are described. |
| Apply button | Applies the selected configuration immediately. If not disabled, the meta keys are added to the Roles tab so they can be applied to specific roles. |
SDK Meta Role Permissions Options
The following table lists the filtering options available in the SDK Meta Role Permissions selection list, and the numeric values used to disable (0) and the types of filtering (1 through 6).
Note: There is no need to know the numeric value unless configuring metadata and content visibility manually in the system.roles node.
| system.roles Node Value | Settings Tab Option | Description |
|---|---|---|
| 0 | No Filtering (Disabled) | System roles that define permissions on a per meta key basis are disabled. |
| 1 | Whitelist metadata and content | Metadata and content for the specified SDK meta roles are white listed, or visible to users assigned the system role. |
| 2 | Whitelist only metadata | Metadata for the specified SDK meta roles is white listed, or visible to users assigned the system role. |
| 3 | Whitelist only content | Content for the specified SDK meta roles is white listed, or visible to users assigned the system role. |
| 4 | Blacklist metadata and content | Metadata and content for the specified SDK meta roles are black listed, or not visible to users assigned the system role. |
| 5 | Blacklist only metadata | Metadata for the specified SDK meta roles is black listed, or not visible to users assigned the system role. |
| 6 | Blacklist only content | Content for the specified SDK meta roles is black listed, or not visible to users assigned the system role. |
