Developers Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


RBAC for Multi-Cloud (EC2, ARM, GCE)

Use Case: Multi-cloud self-service provisioning for developers across AWS, Azure Resource Manager, and GCE.

Who can use this feature? Businesses that build software and use more than one public and/or private clouds. An administrator can use ClearGLASS to create accounts for developers and manage their usage to control costs and enable self-service.

Preparation

These instructions assume:

  • You have a ClearGLASS account
  • Clouds have been added to ClearGLASS
  • A Team has been created

The Policy Engine is how permissions are set for a Team. The policy below shows that this Team can Create Resources on AWS EC2 N. Virginia, Azure Resource Manager, and GCE, but all other actions are denied. The policy is simple: Read a Cloud and Create Resources.

[image]

More advanced policies can be created. For example, you can grant or deny permission to all ClearGLASS features.

[image]

You can also give users Read only access or allow them to Edit Tags or Read Logs.

[image]

Use the multi-cloud provisioning policy at the beginning of this article to get going, the setup process should only take a few minutes. Next, you can invite members to join your team. Each Member will get their own ClearGLASS account, user name, and password. When they log in to their account, they will only be able to perform actions based on the Team Policy you have created.

content/en_us/cg_how-to-setup-rbac-for-multi-cloud-environment.txt · Last modified: 2018/03/08 12:14 by cjones

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Acg_how-to-setup-rbac-for-multi-cloud-environment&1710833311