AnsweredAssumed Answered

Aveksa access right for weblogic admins

Question asked by Zoltan Izsak on Mar 22, 2018
Latest reply on Mar 23, 2018 by Boris Lekumovich

Like • Show 0 Likes0
Comment • 3

I would like to grant specific aveksa access rights to weblogic admins. It seems to me they need access to:

Admin -> System -> Server Nodes

Admin -> System -> Logs

Admin -> Monitoring

How can I do this?

In general what is the best practice to grant access right to IT admin guys who should not be able to see user and application data?

Boris Lekumovich

Mar 23, 2018 8:20 AM

Correct Answer

I don't know how you plan to achieve it with app-roles, but with roles it possible to some extent.

Create a new role
Add relevant aveksa entitlements
- For logs - System Logs : View
- For monitoring - Monitoring : View
- For Server Nodes - couldn't find a relevant aveksa authorization
Create a membership rule (a rule which will add specific users to that role)
- Let's say all users who are under IT Admin department (or any other attribute)
- All users who are added to this role will be granted with access which was defined in step #2

See the reply in context

No one else had this question

Outcomes

Boris Lekumovich

Mar 23, 2018 7:51 AM

Have you considered using roles and membership rule?

Actions

Zoltan Izsak @ Boris Lekumovich on Mar 23, 2018 8:08 AM

Actually I thought application roles, not roles. But the problem is the same, how can I create a role/application role which enables members to access Aveksa monitoring features without access to other system settings.

Actions

Boris Lekumovich

@ Zoltan Izsak on Mar 23, 2018 8:20 AM

I don't know how you plan to achieve it with app-roles, but with roles it possible to some extent.

Create a new role
Add relevant aveksa entitlements
- For logs - System Logs : View
- For monitoring - Monitoring : View
- For Server Nodes - couldn't find a relevant aveksa authorization
Create a membership rule (a rule which will add specific users to that role)
- Let's say all users who are under IT Admin department (or any other attribute)
- All users who are added to this role will be granted with access which was defined in step #2

Actions

3 Replies

Boris Lekumovich Mar 23, 2018 7:51 AM
Mark Correct
Correct Answer
Have you considered using roles and membership rule?
Like • Show 0 Likes0
Actions
- Zoltan Izsak @ Boris Lekumovich on Mar 23, 2018 8:08 AM
  Mark Correct
  Correct Answer
  Actually I thought application roles, not roles. But the problem is the same, how can I create a role/application role which enables members to access Aveksa monitoring features without access to other system settings.
  Like • Show 0 Likes0
  Actions
  - Boris Lekumovich @ Zoltan Izsak on Mar 23, 2018 8:20 AM
    Unmark Correct
    Correct Answer
    I don't know how you plan to achieve it with app-roles, but with roles it possible to some extent.
    
    Create a new role
    Add relevant aveksa entitlements
    For logs - System Logs : View
    For monitoring - Monitoring : View
    For Server Nodes - couldn't find a relevant aveksa authorization
    Create a membership rule (a rule which will add specific users to that role)
    Let's say all users who are under IT Admin department (or any other attribute)
    All users who are added to this role will be granted with access which was defined in step #2
    Like • Show 0 Likes0
    Actions

Aveksa access right for weblogic admins

Outcomes

Related Content

Recommended Content