Authorization

Solution Manager supports several kinds of users, each one with different access rights to specific features of the tool. This type of security is implemented in terms of users and roles in the Solution Manager Virtual DataPort Server.

Note

For more information about how to create users or to assign roles to normal users, check the section Administration of Databases, Users, Roles and Their Access Rights of the Virtual DataPort Administration Guide.

The following sections explain what kind of users the Solution Manager considers and what privileges they have.

Solution Manager Administrator

A Solution Manager administrator user is implemented as a normal user in Virtual DataPort Server with the predefined role solution_manager_admin assigned.

This user is intended to define catalog elements and work with licenses. More in detail, this kind of user can:

yes Create, edit and remove environments, clusters and servers.

yes Set the Version Control System configuration.

yes Set the Informative Message configuration.

yes Manage licenses.

but cannot:

no Manage deployment configurations.

no Manage load balancing variables.

no Set Virtual DataPort nor Scheduler properties in environments and clusters.

no Access revisions nor deployments.

no Execute diagnostic and monitoring operations.

Promotion Administrator

A promotion administrator user is implemented as a normal user in Virtual DataPort Server with the predefined role solution_manager_promotion_admin assigned.

This user is intended to create revisions, validate them and deploy them in environments. More in detail, this kind of user can:

yes Access the main information of the elements of the catalog in read only mode.

yes Manage deployment configurations.

yes Manage load balancing variables.

yes Set Virtual DataPort and Scheduler properties in environments and clusters.

yes Create, edit and remove her own revisions.

yes Access the revisions from other users in read only mode.

yes Validate and deploy any revision in environments.

but cannot:

no Create, edit nor remove environments, clusters and servers.

no Set the Version Control System configuration.

no Set the Informative Message configuration.

no Manage licenses.

no Edit nor remove revisions from other users.

no Execute diagnostic and monitoring operations.

Promotion Administrator for Certain Environments

A promotion administrator user for certain environments is implemented as a normal user in Virtual DataPort Server with one or more of the following predefined roles assigned:

  • solution_manager_promotion_admin_development
  • solution_manager_promotion_admin_production
  • solution_manager_promotion_admin_staging

This user is interpreted from the Solution Manager point of view as a promotion administrator user with the difference that she can only validate and deploy her own revisions in the target environments that have the specific scenario assigned. For example, a user with role solution_manager_promotion_admin_staging can only validate and deploy any revision in any staging environment.

Promotion

A promotion user is implemented as a normal user in Virtual DataPort Server with the predefined role solution_manager_promotion assigned.

This user is intended to create revisions, validate and deploy them in environments. More in detail, this kind of user can:

yes Access the main information of the elements of the catalog in read only mode.

yes Create, edit and remove her own revisions.

yes Validate her own revisions in environments.

yes Deploy her own revisions.

but cannot:

no Create, edit nor remove environments, clusters and servers.

no Create revisions loading a VQL file.

no Manage deployment configurations.

no Manage load balancing variables.

no Set Virtual DataPort nor Scheduler properties in environments and clusters.

no Set the Version Control System configuration.

no Set the Informative Message configuration.

no Manage licenses.

no Access revisions from other users.

no Execute diagnostic and monitoring operations.

Promotion for certain environments

A promotion user for certain environments is implemented as a normal user in Virtual DataPort Server with one or more of the following predefined roles assigned:

  • solution_manager_promotion_development
  • solution_manager_promotion_production
  • solution_manager_promotion_staging

This user is interpreted from the Solution Manager point of view as a promotion user with the difference that she can only validate and deploy her own revisions in the target environments that have the specific scenario assigned. For example, a user with role solution_manager_promotion_staging can only validate and deploy any revision in any staging environment.

JMX Administrator

A JMX administrator user is implemented as a normal user in Virtual DataPort Server with the predefined role jmxadmin assigned.

This user is intended to perform some operations related with the diagnostic and monitoring of the Denodo servers. More in detail, this kind of user can:

yes Access the main information of the elements of the catalog in read only mode.

yes Change logging level of Virtual DataPort servers.

yes Execute Denodo Monitor to gather the execution logs of the Virtual DataPort servers.

but cannot:

no Create, edit nor remove environments, clusters and servers.

no Manage deployment configurations.

no Manage load balancing variables.

no Set Virtual DataPort nor Scheduler properties in environments and clusters.

no Set the Version Control System configuration.

no Set the Informative Message configuration.

no Manage licenses.

no Access revisions nor deployments.

Global Administrator

A global administrator user in the Solution Manager is implemented as an administrator user in Virtual DataPort Server or as a normal user with the role serveradmin assigned.

This kind of user has all the privileges of a Solution Manager administrator and a promotion administrator together. More in detail, this kind of user can:

yes Create, edit and remove environments, clusters and servers.

yes Set the Version Control System configuration.

yes Set the Informative Message configuration.

yes Manage licenses.

yes Manage deployment configurations.

yes Manage load balancing variables.

yes Set Virtual DataPort and Scheduler properties in environments and clusters.

yes Create, edit and remove revisions.

yes Access the revisions from other users in read only mode.

yes Validate and deploy any revision in environments.

yes Execute diagnostic and monitoring operations.

Important

When you access the Solution Manager for the first time, there is always an administrator user in Virtual DataPort with name admin and password admin. For security reasons, you should change its password or even define a new administrator user and delete the user admin.

Developer

Any other user defined in Virtual DataPort is interpreted from the Solution Manager point of view as a developer user.

This user is only intended to create revisions. More in detail, this kind of user can:

yes Access the main information of the elements of the catalog in read only mode.

yes Create, edit and remove her own revisions.

yes Validate her own revisions in environments.

but cannot:

no Create, edit nor remove environments, clusters and servers.

no Create revisions loading a VQL file.

no Manage deployment configurations.

no Manage load balancing variables.

no Set Virtual DataPort nor Scheduler properties in environments and clusters.

no Set the Version Control System configuration.

no Set the Informative Message configuration.

no Manage licenses.

no Access revisions from other users.

no Deploy any revision.

no Execute diagnostic and monitoring operations.