Roles
Overview Copied
The Roles page allows you to view and create Gateway Hub roles.
Gateway Hub roles are used to manage viewing and editing permissions for various Gateway Hub resources and data. By default, Gateway Hub includes the Administrator or Operator roles. These included roles cannot be edited or removed.
When you create a role you can configure which SSO users are assigned the role. For more information about creating roles, see Roles admin.
Additionally, you can grant a role to an application using an application key. For more information, see Create API keys in Application Keys.
Roles list Copied
The Roles page shows a list of all existing roles.
You can use this page to edit, remove or add roles. However, a user must have access to the correct resources to make changes.
You can perform the following operations from the roles list:
- To modify an existing role, click the role name. This will open the Roles admin page for the specified role.
- To create a new role, click New Role. This will open an empty Roles admin page.
- To delete a role, click the Delete icon next to the role name.
Roles admin Copied
The Roles admin page is composed of two parts:
- Role details — specify which metrics, events and Gateway Hub resources are available to a role.
- Role mappings — specify which SSO groups or users should be granted this Gateway Hub role.
Role details Copied
In this section you can specify the Name of this role and apply a Filter to the data available to this role using either Basic or Advanced queries
Basic Filter Copied
Basic filtering allows you to filter based on the value of attributes.
To use Basic filtering:
- Click next to Filters. The Select attribute and Value drop-down lists appear.
- Select an Attribute from the drop-down list.
- Select a value from the drop-down list. This auto-populates based on the selected Attribute.
You can create an unlimited number of Filters.
To remove a Filter, click next to the Filter.
Advanced Filter Copied
Advanced filtering allows you to create Filters using the full Gateway Hub REST API entity filter syntax. You can create an unlimited number of Filters.
For more information, see .
To use Advanced filtering:
- Click Advanced to the right of Filters. A text box will appear.
- Write your query in the text box. The Web Console will provide code completion options.
- Click Apply.
To remove a Filter, click the next to the Filter.
Resources Copied
You can grant a role either Read or Write access to each of the following Gateway Hub resources.
| Resource | Description |
|---|---|
| admin | Access to Gateway Hub configuration pages and Capacity Planner publishing. |
| policy | Access to Monitoring Coverage policies. |
| gateways | Access to Gateway centralised configuration, including binaries and include files stored in Gateway Hub. |
| * | Access to all Gateway Hub resources. |
Role mappings Copied
You can automatically assign SSO groups and their members to a Gateway Hub role.
Assigning roles directly to users is not recommended except for testing and proofs of concept.
| Field | Description |
|---|---|
| Groups | List of SSO groups that Gateway Hub will grant this role. |
| User | List of SSO users that Gateway Hub will grant this role. |
Click Add new row to add new elements to the list.
Note
When configuring role mappings, ensure that the configuring user has administrator permissions, either as a user or as part of a group. Otherwise, you may lock yourself out of Gateway Hub. To prevent this Gateway Hub will not save a role mappings configuration that would lock you out.