You can translate the question and the replies:

Best practices for Solution Manager roles

I am looking for a suggestion for a setup of roles for Solution Manager similar to the document describing the same for VDP in a domain context (https://community.denodo.com/kb/en/view/document/Denodo%20Design%20Guidelines%20for%20Data%20Mesh%20and%20Decentralized%20Data%20Organizations?tag=Best+Practices) Specifically a document describing some few (2-4) roles required on an SM level with tagged actual associated roles and privileges required for that role. Further to this - with single sign-on -> which roles and privileges would the VDP roles described in the above document required on the SM level to achieve a good user-experience with a least privilege approach.

1 Answer

Hi, Roles defined in the KB article [Denodo Design Guidelines for Data Mesh and Decentralized Data Organizations](https://community.denodo.com/kb/en/view/document/Denodo%20Design%20Guidelines%20for%20Data%20Mesh%20and%20Decentralized%20Data%20Organizations?tag=Best+Practices) are more closely associated with the Denodo Platform where the actual Data Virtualization and Data Mesh is implemented. In terms of Solution Manager, several different personas won’t be required as the main objective of Solution Manager is to act as a single point of access for all Denodo servers along with providing licenses. An administrator user or group of administrators would be responsible for the configuration of [Environments](https://community.denodo.com/docs/html/browse/latest/en/solution_manager/administration/standard/creating_environments/creating_environments), [clusters](https://community.denodo.com/docs/html/browse/latest/en/solution_manager/administration/standard/creating_clusters/creating_clusters) and [servers](https://community.denodo.com/docs/html/browse/latest/en/solution_manager/administration/servers/servers) along with the Configuration of Solution manager server. Non-admin users can have the capability to access Denodo web tools such as Denodo Design Studio, Data Catalog, Scheduler Admin tool and Diagnostic and Monitoring Tool by logging into Solution Manager web admin tool for a particular environment they have permission to access. Normal users or Administrators can configure deployments from one environment to another. For more information on predefined roles in Solution manager, please refer to the [Authorization](https://community.denodo.com/docs/html/browse/latest/en/solution_manager/administration/authentication_and_authorization/authorization/authorization) section of Solution Manager Guide. For more information on Single Sign-On in the Denodo Solution Manager, please refer to [Authenticating with Single Sign-On](https://community.denodo.com/docs/html/browse/8.0/en/solution_manager/administration/authentication_and_authorization/authenticating_with_sso/authenticating_with_sso) of Solution Manager Guide. Hope this helps!
Denodo Team
16-02-2023 10:30:48 -0500
code
You must sign in to add an answer. If you do not have an account, you can register here