New Feature: Role-Based Access Control

As part of our ongoing efforts to improve the management experience for our HC3 users, we’ve introduced role-based access controls in HCOS v8.0. These controls allow a primary administrator (you know, the guy in charge) to create roles for secondary users, limiting the access of these users to specific functionality.

Combined with the audit logging of user activities, this new role-based access control gives more power and flexibility to the primary administrator to control the management activity on an HC3 system. The primary administrator can now add users with a variety of access limitations ranging between read-only access and full administrator privileges.

Any new user added has their own unique login credentials and a default access level of “Read-Only”. The user access level can be changed to “Admin” with full administrator access or customized with a variety of role options that fall in between read-only and admin. These role options are presented as groups of functions related to the functional tasks of that role.

These optional functional roles are as follows:

  • Backup - Clone, Export, Import, Add/Pause Replication to a VM, Create/Delete snapshots, and Create/Delete/Modify snapshot schedules.
  • Cluster Settings - Create/Modify all settings within Control Center, except for User Management and Control (system/cluster shutdown).
  • Cluster Shutdown - Shutdown the system/cluster and any running VMs.
  • VM Create/Edit - Import VMs and Create, Modify, Clone, and Add/Modify VM block (virtual disk) and network devices.
  • VM Delete - Delete VMs and their associated snapshots and devices.
  • VM Power Controls - Start, Shutdown/Power Off, and Live Migrate VMs.

A user can be assigned any number of these optional roles. The roles for any user can be changed at any time by a user with the “Admin” role. Changes to roles on user accounts take effect immediately.

With these new user roles, it is easy to see how HC3 can be better secured an managed in IT environments with any number of users and administrators. As Voltaire famously said, “With great power comes great responsibility.” As HC3 continues to evolve, we want to provide you HC3 administrators with the right powers to manage HC3 responsibly.

For a more technical description of the access roles, check out the Hypercore 8.0 User Guide.