Configure Role-Based Access

Access control provides a role-based system to authenticate users in BeyondInsight for Unix & Linux. Users are assigned roles based on the level of access they need to do their BeyondInsight for Unix & Linux job functions.

Areas in the console require certain permissions. If a user is not assigned those permissions, then they cannot access those features in the console. For example, the policyadmin role is required for an authenticated user to interact with policy.

Roles can be assigned to either a user account or a group.

The account created during the first run wizard is assigned the sysadmin role. This role has full privileges in the system.

The following roles are available:

  • sysadmin: All roles; can do everything
  • policyadmin: Full access to policy management
  • softwareadmin: Full access to software management (deploy software, remove, etc.)
  • auditor: Full access to log features
  • amountadmin: Full access to controlling console access
  • apiuser: Full access to using the public REST API

Full access to the entitlement gives the user or group the following permission attributes: create, view, update, and delete.

You can assign roles in two ways:

  • On the Settings > Users page. Provision roles on the details page for users and groups.
  • On the Settings > Roles page. See the following sections for details.

For more information on provisioning roles for users, please see Assign a Role to a User Account.

Assign a Role to User Accounts

  1. Select Settings > Roles.
  2. Select a role from the list.
  3. Click the Users tab or Groups tab.
  4. Click the toggle Show users with/without this role to see users not currently in the role. Check the boxes for users you want to add.
  5. Click Add Selected Users.

Assign a Role to Groups

  1. Select Settings > Roles.
  2. Select a role from the list.
  3. Click the toggle Show groups with/without this role to see groups not currently in the role.
  4. Check the boxes for groups you want to add.
  5. Click Add Selected Groups.