Information security – HP Matrix Operating Environment Software User Manual
Page 162
Table 9 Resources visible to service provider and organization administrators and users
Organization
user/group access
Organization
administrator
access
Service provider
user access
Service provider
administrator
controls
Origination
Resource
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if
published. If
Assign to one or
more
Created by IO
architect using
Infrastructure
orchestration
templates
by the
by the service
access restrictions
organizations
infrastructure
organization
provider
are enabled,
and/or restrict
orchestration
designer
administrator
(published only)
administrator
(published and
unpublished)
visible if
published AND
the template is
service provider
user/group access
assigned to the
user/group
Visible if assigned
to the organization
Visible if assigned
to the organization
No restrictions
Assign to one or
more
organizations
1
Created or
discovered by IO;
can be edited by
service provider
administrator
Networks
by the
organization
administrator
by the service
provider
administrator
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if resource
is kept at the
Keep at service
provider or assign
Discovered by IO
Compute
resources
and the user is
by the service
service provider
to one
organization
(physical servers,
VM Hosts, ESX
assigned to the
provider
administrator
level and the user
is assigned to the
resource pools,
pool containing
pool containing
and cloud
resources )
2
the resource by the
organization
administrator
the resource by
the service
provider
administrator
Allocate a
separate storage
Automatically
generated by
Storage pool
entries
tag to each
Matrix OE, or
organization.
created by service
Match logical disk
provider
tags with storage
administrator using
pool entry tags, or
Matrix OE logical
choose the
server
appropriate SPM
management,
storage template
optionally using
using tags in the
IO template
Storage
Provisioning
Manager
1
IO does not include or preclude active firewalling between VLANs.
2
Storage management for physical server blades can be performed only by the service provider administrator.
Information security
The following table shows the information that is visible to the service provider administrator, service
provider user, organization administrator, and organization user.
Service provider administrators and users see messages only related to that organization. To
prevent information from passing from one organization to another through storage, infrastructure
orchestration scrubs both the boot and data disks when a service is deleted.
Only the service provider administrator can log in to the infrastructure orchestration CMS to access
other technologies such as logical server management and Systems Insight Manager, and detailed
infrastructure orchestration logs.
162
Multi-tenancy in Matrix infrastructure orchestration