ViPR administration tasks are controlled by assigning Active Directory (AD) Users / Groups into Roles. Also, access to the ViPR resources can be controlled by assigning AD Users / Groups to the appropriate Access Control List (ACL).
There are 3 levels of ViPR roles: VDC, Tenant, and Project.
VDC Security Administrator assigns roles and project ACLs to AD Users or Groups.
Tenant Administrator assigns AD Users and Groups to the Tenant Roles and Project ACLs.
ACLs configured for the specific Tenants can control access to:
ACLs configured for the specific AD Users and Groups can control access to:
- VDC Roles
- Service Catalog categories
- Specific service in the Service Catalog
ACLs configured for the specific Projects can control access to:
- Consistency Groups
Multi-sites federated configuration provides:
– Security configuration propagated across ViPR instances
– Single sign-on access across ViPR instances
– Tenants and Projects are defined once and are accessible across ViPR instances