Manage roles
If you don't want to give a user full access to the DoiT Platform, you can let them perform only a subset of tasks by assigning a role. Roles make it easy to assign multiple permissions and manage users more efficiently in your organization.
Required permissions: User Manager
Prior to Roles, DoiT Platform users were manually assigned permissions. These legacy permissions are forward-compatible, which means you will not lose access to any functionalities you previously had access to.
Pre-built roles
The DoiT Platform provides several pre-built roles. Each role grants one or more privileges that together, allow performing a common business function. For example, one role allows managing user accounts, another role manages financial aspects, another role manages IT functions, and so on.
Support User
| Privileges | Capabilities |
|---|---|
| Issues Viewer | access Cloud incidents |
| Support Requester | create new and access existing technical support requests |
Standard User
| Privileges | Only users with privilege can: |
|---|---|
| Anomalies Viewer | access Cost anomalies |
| Attributions Manager | create, delete and manage Attributions |
| Budgets Manager | create, delete and manage Budgets |
| Cloud Analytics | create new and access existing Cloud Analytics reports |
| Contracts Viewer | access the commercial contracts |
| Issues Viewer | access Cloud incidents |
| Perks Viewer | access and request ISV solutions |
| Sandbox User | create disposable cloud environments (sandboxes) according to company policy |
| Support Requester | create new and access existing technical support requests |
Power User
| Privileges | Only users with privilege can: |
|---|---|
| Anomalies Viewer | access Cost anomalies |
| Attributions Manager | create, delete and manage Attributions |
| Budgets Manager | create, delete and manage Budgets |
| Cloud Analytics | create new and access existing Cloud Analytics reports |
| Contracts Viewer | provides access to the commercial contracts |
| Flexsave Admin | purchase and manage flexible reservations |
| Issues Viewer | access Cloud incidents information |
| Metrics Manager | create, delete, and manage custom metrics for Cloud Analytics |
| Perks Viewer | access and request ISV solutions |
| Sandbox Admin | set company Sandbox policy for other users |
| Sandbox User | create disposable cloud environments (sandboxes) governed by a company Sandbox policy |
| Spot Scaling Manager | enable and manage Spot Scaling |
| Manage Settings | manage your DoiT Platform account settings |
| Support Requester | create new and access existing technical support requests |
| Users Manager | create, delete and manage users |
IT Manager
| Privileges | Capabilities |
|---|---|
| Assets Manager | View and manage assets (including managing licenses) |
| Issues Viewer | access Cloud incidents |
| Support Requester | Create new and access existing technical support requests |
Finance User
| Privileges | Only users with privilege can: |
|---|---|
| Anomalies Viewer | access Cost anomalies |
| Billing Profiles Admin | create new and manage existing billing profiles, including payment method |
| Cloud Analytics | create new and access existing Cloud Analytics reports |
| Contracts Viewer | access the commercial contracts; create, edit, and delete Ramp plans |
| Invoice Viewer | access invoices |
| Issues Viewer | access Cloud incidents |
| Perks Viewer | access and request ISV solutions |
| Support Requester | create new and access existing technical support requests |
Admin
The Admin role has access to all the features in the DoiT Console and the DoiT Platform API, and can manage every aspect of your organization's account.
Summary: Pre-built Roles and Permissions
| Permissions | Admin | Finance User | IT Manager | Power User | Standard User | Support User |
|---|---|---|---|---|---|---|
| Anomalies Viewer | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Assets Manager | ✓ | ✓ | ||||
| Attributions Manager | ✓ | ✓ | ✓ | |||
| Authentication Manager | ✓ | |||||
| Billing Profile Admin | ✓ | ✓ | ||||
| Budgets Manager | ✓ | ✓ | ✓ | |||
| Cloud Analytics | ✓ | ✓ | ✓ | ✓ | ||
| Contracts Viewer | ✓ | ✓ | ✓ | ✓ | ||
| Flexsave Admin | ✓ | ✓ | ||||
| Invoice Viewer | ✓ | ✓ | ||||
| Issues Viewer | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Manage Settings | ✓ | ✓ | ||||
| Metrics Manager | ✓ | ✓ | ||||
| Perks Viewer | ✓ | ✓ | ✓ | ✓ | ||
| Ramp Plans Viewer | ✓ | |||||
| Sandbox Admin | ✓ | ✓ | ||||
| Sandbox User | ✓ | ✓ | ✓ | |||
| Spot Scaling Manager | ✓ | ✓ | ||||
| Support Requester | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Users Manager | ✓ | ✓ |
Custom roles
To create a custom user role:
Select the gear icon () from the top navigation bar, and then select Identity and access.
Select Roles from the left-hand menu.
You will see a list of preset roles as well as custom roles created by your team.
Select New next to the filter bar.
Enter a name for the new role.
You can also use the file icon to give the role a description.
Choose permissions for the role.
Delete a custom role
You can't delete custom roles that haves been assigned to users.
To delete a custom role:
Select the checkbox next to the role of interest on the Roles page.
Select Delete.
You'll be asked to confirm the deletion before the role is removed.
Default role
A default role is the role a new user on your team is auto-provisioned, until a role is explicitly set by an admin. Both pre-built and custom roles can be designated as the default role.
If auto provisioning is enabled, any user with an email address from your organization's domain can sign up without being invited.
To set a role as the default role:
Locate the role of interest on the Roles page.
Select the role name to open its configuration page.
Select MAKE DEFAULT in the upper-right corner of the page.
Role ID
To find the role ID in the DoiT Console:
Select the gear icon () from the top navigation bar, and then select Identity and access.
Go to the Roles subsection and select the desired role.
Select the Copy Role ID button in the upper-right corner of the role details screen to copy the Role ID to your system clipboard.
