Role-based access control (RBAC) is a security control intended to segregate the ability for users to access and interact at different levels with various resources in a system. RBAC enables an administrator (admin) to efficiently manage system-provided (predefined) roles or create customized (custom) roles. By combining read-only and/or read-write permissions, the admin can tailor these roles to match the user's requirements in IoT OD's Application Manager.
IoT OD's Role-based access control, offers the following system-provided (predefined) roles for the Application Manager:
App Manager Admin (read-write)
App Manager User (read-only)
The system-provided roles can simplify the initial stage of using the App Manager and help manage the service's basic security posture.
Besides the system-provided roles, IoT OD's RBAC has extensive capabilities to create custom roles. The following tables provide available read-only and read-write permissions that can be used for custom role creation. The permissions are aggregated into buckets that reflect the structure of the App Manager to help with the process of custom role creation.
Permissions for Applications management (App Manager only)
Application Manager > Applications
* View list of applications * View application Instances * View Application details * View App Instance details and additional information such as viewing App Logs, IP Configuration, and Resource usage * Perform device-level actions such as Device refresh, Download Tech support logs