Access to resources – HP Matrix Operating Environment Software User Manual
Page 142
◦
Service provider architect
Can access the infrastructure orchestration designer to create, modify, and publish
templates for the Service Provider and organizations
◦
Service provider user
Can log into the infrastructure orchestration self service portal and initiate requests for
provisioning using published templates
•
Organization
The service provider administrator dynamically creates the organization and makes resources
available to the organization using the infrastructure orchestration console. See
and
“Adding resources to an organization” (page 146)
for more
information.
Two Microsoft Windows groups are created on the CMS for each organization:
◦
_Administrators use the infrastructure orchestration organization
administrator portal to manage the organization’s virtual IO system.
◦
_Users are essentially the same as service provider users, except
that the organization user's access and control is restricted to the resources assigned to
the organization’s virtual IO system.
See
“Assigning users to an organization” (page 145)
for more information.
Security in infrastructure orchestration multi-tenancy
Multi-tenancy in infrastructure orchestration ensures that information from one organization does
not pass to another organization.
and
show how resources
and information is filtered.
Access to resources
Access to resources in infrastructure orchestration is hierarchical. The service provider administrator
has unrestricted access to resources and can make them available to organizations. Within an
organization, the organization administrator controls access to compute resources by organization
users.
Table 2 Resources visible to service provider and organization administrators and users
Organization
user/group access
Organization
administrator
access
Service provider
user access
Service provider
administrator
controls
Origination
Resource
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if
published. If
Assign to one or
more
Created by IO
architect using
Infrastructure
orchestration
templates
by the
by the service
access restrictions
organizations
infrastructure
organization
provider
are enabled,
and/or restrict
orchestration
designer
administrator
(published only)
administrator
(published and
unpublished)
visible if
published AND
the template is
service provider
user/group access
assigned to the
user/group
Visible if assigned
to the organization
Visible if assigned
to the organization
No restrictions
Assign to one or
more
organizations
1
Created or
discovered by IO;
can be edited by
service provider
administrator
Networks
by the
organization
administrator
by the service
provider
administrator
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if resource
is kept at the
Keep at service
provider or assign
Discovered by IO
Compute
resources
142
Multi-tenancy in Matrix infrastructure orchestration