Information security – HP Matrix Operating Environment Software User Manual
Page 182

A service provider administrator assigns service provider users to templates. However, an
organization administrator cannot assign organization users to templates. An organization user
has access to all of the templates assigned to that organization.
A Windows user may be both a service provider user and an organization user. In this case, if
the Windows user logs into the self service portal, the user will have access to the templates to
which he/she is assigned. If the Windows user logs into the organization administrator portal, the
user has access to all of the templates assigned to the organization.
Table 9 Resources visible to service provider and organization administrators and users
Organization
user/group access
Organization
administrator
access
Service provider
user access
Service provider
administrator
controls
Origination
Resource
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if
published. If
Assign to one or
more
Created by IO
architect using
Infrastructure
orchestration
templates
by the
by the service
access restrictions
organizations
infrastructure
organization
provider
are enabled,
and/or restrict
orchestration
designer
administrator
(published only)
administrator
(published and
unpublished)
visible if
published AND
the template is
service provider
user/group access
assigned to the
user/group
Visible if assigned
to the organization
Visible if assigned
to the organization
No restrictions
Assign to one or
more
organizations
1
Created or
discovered by IO;
can be edited by
service provider
administrator
Networks
by the
organization
administrator
by the service
provider
administrator
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if resource
is kept at the
Keep at service
provider or assign
Discovered by IO
Compute
resources
and the user is
by the service
service provider
to one
organization
(physical servers,
VM Hosts, ESX
assigned to the
provider
administrator
level and the user
is assigned to the
resource pools,
pool containing
pool containing
and cloud
resources )
2
the resource by the
organization
administrator
the resource by
the service
provider
administrator
Allocate a
separate storage
Automatically
generated by
Storage pool
entries
tag to each
Matrix OE, or
organization.
created by service
Match logical disk
provider
tags with storage
administrator using
pool entry tags, or
Matrix OE logical
choose the
server
appropriate SPM
management,
storage template
optionally using
using tags in the
IO template
Storage
Provisioning
Manager
1
IO does not include or preclude active firewalling between VLANs.
2
Storage management for physical server blades can be performed only by the service provider administrator.
Information security
The following table shows the information that is visible to the service provider administrator, service
provider user, organization administrator, and organization user.
Service provider administrators and users see messages only related to that organization. To
prevent information from passing from one organization to another through storage, infrastructure
orchestration scrubs both the boot and data disks when a service is deleted.
182
Multi-tenancy in Matrix infrastructure orchestration