4.33
This topic describes the different permissions you can manage for a role.
In this topic:
Viewpoint uses permissions to let you control user access. For example, you can grant a user the ability to see a feature, but not edit it. Permissions are broken into two areas: Viewpoint and Domain. The Viewpoint permissions control access to the various pages and the Domain permissions control access to specific functions on that page.
The following table describes each of the Viewpoint permissions. For ease of use, the permissions are listed in this topic in alphabetical order.
| Permission | Description |
|---|---|
| Configuration Page | Lets the user access the Configuration page. This permission should only be set for administrators. |
| Create Job Page | Lets the user access the Create Job page. |
| Configuration/Application Templates | Lets the user view, deploy, and export application templates on the Application Templates Configuration page. |
| File Manager Page | Lets the user access the File Manager page. When applied, the File Manager page becomes active and the user is able to upload or download files. |
| Home Page | Indicates whether "Home" appears in the menu bar for the user. |
| Job Details | Lets the user access the Job Details page to view additional information about the job details. |
| Job Details - Priority Analysis | Lets the user see or modifying the prioritization factors for the job. This permission also requires the associated read-priority or update-priority Domain permission. See 4.41 Job Details Page for more information about the priority information for a job. Also requires the user to have the Job Details and Job Edit-admin permissions. |
| Job Details - Scheduling Analysis | Lets the user view the available nodes for job scheduling. When applied, the "More Information" button appears on the Job Details page. Click this button to view the Scheduling Analysis pop-up window. See 4.41.4 Scheduler Analysis for more information on the window. Also requires the user to have the Job Details and Job Edit-admin permissions. |
| Job Edit-admin | Lets the user edit job information for any job; not limited to only the jobs the user (others in the user's principal) submitted. Also requires the user to have the Job Details permission. |
| Job View All | Lets the user see all jobs in the workload; not limited to only the jobs the user (others in the user's principal) submitted. Also requires the user to have the read-insight-priviledged Domain permission. |
| Nitro Configuration | Lets users access and configure Nitro Services. |
| Nitro Jobs | Lets users view the Nitro Details section for Nitro Jobs. Without this permission, Nitro jobs will not display statistics when viewing job details. |
| Nitro Jobs-admin | Lets users view the Nitro details section for Nitro jobs that they do not own. |
| Nitro Jobs-create | Lets users request application templates of type "Nitro Application". |
| Nitro Templates | Lets users manage Nitro Application Templates. |
| Node Summary Widget | Provides a graphical overview of the total nodes within your Viewpoint configuration and their status. |
| Principal and Roles Pages | Lets the user view and manage roles and principals. This permission also requires the Configuration page permission. This permission should only be set for administrators. |
| Remote Visualization Configuration | Lets users access and configure Remote Visualization Services. |
| Remote Visualization Jobs | Lets users view the Remote Visualization Details section for Remote Visualization jobs. Without this permission, Remote Visualization jobs will not display the connection area and screenshot preview section when viewing job details. |
| Remote Visualization Jobs-admin | Lets users view the Remote Visualization Details section for Remote Visualization jobs they do not own. |
| Remote Visualization Jobs-create | Lets users request application templates of type "Remote Visualization Application". |
| Remote Visualization Templates | Lets users manage Remote Visualization Application Templates. |
| Resources | Lets users view available resources (read list of nodes). When applied, the Node Details page becomes active. |
| Sessions Page |
Lets users view and manage a list of their active Remote Visualization Sessions. |
| Sessions Page-admin | Lets users view and manage a list of everyone's active Remote Visualization sessions, as well as create administrative Remote Visualization sessions. Administrative sessions bypass the regular scheduling process and, by default, are arbitrarily placed on the session server with the least amount of remote visualization sessions. |
| System Resources Widget | Provides a graphical ratio of resources dedicated to jobs compared to total resources. The graphical result is displayed based activity within the last 24 hours. |
| Templates Page | Lets the user view the application templates applicable to him/her and make small changes. |
| Templates Page-admin | Lets the user view and manage application templates (for the system). |
| Workload |
Lets the user see jobs. Admins will see all jobs; non-admins will only see their jobs, or the jobs within their principal (user group). 
This permission is required for all roles. |
| Workload Summary Widget |
Provides a graphical overview of the total jobs within your Viewpoint configuration and their status. |
This section describes each of the Domain permissions. Domain permissions are global in scope. For ease of use, the permissions are listed in this topic by resource type.
In this section:
- Accounting
- Credentials
- Diagnostics
- Events
- Insight
- Jobs
- Job-Arrays
- Metric-types
- Nodes
- Notifications
- Permissions
- Plugins
- Plugin-Types
- Policies
- Principals
- Priority
- Reports
- Reservations
- Resource-Types
- Roles
- Standing-Reservations
- Virtual Containers (VCs)
| Name | Description | Action | Resource |
|---|---|---|---|
| balances-accounting-funds | Permission to read accounting funds balances. | read | accounting/funds/balances |
| quote-accounting-usage-record | Permission to access quote usage-record. | read | accounting/usage-records |
| read-accounting-accounts | Permission to read accounting accounts. | read | accounting/accounts |
| read-accounting-allocations | Permission to read accounting allocations. | read | accounting/allocations |
| read-accounting-charge-rates | Permission to read accounting charge rates. | read | accounting/charge-rates |
| read-accounting-funds | Permission to read accounting funds. | read | accounting/funds |
| read-accounting-liens | Permission to read accounting liens. | read | accounting/liens |
| read-accounting-organizations | Permission to read accounting organizations. | read | accounting/organizations |
| read-accounting-quotes | Permission to read accounting quotes. | read | accounting/quotes |
| read-accounting-transactions | Permission to read accounting transactions. | read | accounting/transactions |
| read-accounting-usage-records | Permission to read accounting usage-record. | read | accounting/usage-records |
| read-accounting-users | Permission to read users in the accounting system (MAM users). | read | accounting/users |
| statement-accounting-funds | Permission to read account funds statement. | read | accounting/funds/reports/statement |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-credentials | Permission to read credentials. | read | credentials |
| update-credentials | Permission to update credentials. | update | credentials |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-diagnostics | Permission to read diagnostics. | read | diag |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-events | Permission to read events. | read | events |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-insight | Permission to read insight-specific URLs. | read | insight |
| read-insight-privileged | Permission to read insight-admin URLs. | read | insight |
| read-insight-user | Permission to read insight-user URLs. | read | insight |
| Name | Description | Action | Resource |
|---|---|---|---|
| cancel-jobs |
Permission to cancel (delete) your jobs. Depending on the user's principal setting, other users within the same user group/account may also be able to cancel the jobs. |
delete | jobs |
| cancel-jobs-any | Permission to cancel (delete) any job, regardless of who created it. | delete | jobs |
| create-jobs | Permission to create jobs for any tenant. | create | jobs |
| read-jobs | Permission to read jobs. | read | jobs |
| read-job-templates | Permission to read job (application) templates. | read | jobs |
| update-jobs |
Permission to update your jobs. Depending on the user's principal setting, other users within the same user group/account may also be able to update your jobs. |
update | jobs |
| update-jobs-any | Permission to update any job, regardless of who created it. | update | jobs |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-job-arrays | Permission to create job arrays. | create | job-arrays |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-metric-types | Permission to read metric types. | read | metric-types |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-nodes | Permission to read nodes. | read | nodes |
| update-nodes-features | Permission to update node features. | update | nodes |
| update-nodes-image | Permission to update node images. | update | nodes |
| update-nodes-power | Permission to power node on/off. | update | nodes |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-notifications | Permission to read notifications. | update | notifications |
| update-notifications | Permission to update notifications. | read | notifications |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-permissions | Permission to create permissions. | create | permissions |
| delete-permissions | Permission to delete permissions. | delete | permissions |
| read-permissions | Permission to read permissions. | read | permissions |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-plugins | Permission to create plugins. | create | plugins |
| delete-plugins | Permission to delete plugins. | delete | plugins |
| read-plugins | Permission to read plugins. | read | plugins |
| read-plugins-rm | Permission to read resource manager plugin. | read | plugins/rm |
| update-plugins | Permission to update plugins. | update | plugins |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-plugin-types | Permission to read plugin types. | read | plugin-types |
| update-plugin-types | Permission to create or update plugin types. | update | plugin-types |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-policies | Permission to read policies. | read | policies |
| update-policies | Permission to update policies. | update | policies |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-principals | Permission to create principals. | create | principals |
| delete-principals | Permission to delete principals. | delete | principals |
| read-principals | Permission to read principals. | read | principals |
| update-principals | Permission to update principals. | update | principals |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-priority | Permission to read the priority of a job. | read | priority |
| update-priority | Permission to update the priority of a job. | update | priority |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-reports | Permission to create reports. | create | reports |
| delete-reports | Permission to delete reports. | delete | reports |
| read-reports | Permission to read reports. | read | reports |
| read-report-datapoints | Permission to read datapoints. | read | reports/datapoints |
| update-reports | Permission to update reports. | update | reports |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-reservations | Permission to create reservations. | create | reservations |
| delete-reservations | Permission to delete reservations. | delete | reservations |
| read-reservations | Permission to read reservations. | read | reservations |
| update-reservations | Permission to update reservations. | update | reservations |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-resource-types | Permission to read resource types. | read | resource-types |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-roles | Permission to create roles. | create | roles |
| delete-roles | Permission to delete roles. | delete | roles |
| read-roles | Permission to read roles. | read | roles |
| update-roles | Permission to update roles. | update | roles |
| Name | Description | Action | Resource |
|---|---|---|---|
| read-standing-reservations | Permission to read standing reservations. | read | standing-reservations |
| Name | Description | Action | Resource |
|---|---|---|---|
| create-vcs | Permission to create virtual containers. | create | vcs |
| delete-vcs | Permission to delete virtual containers. | delete | vcs |
| read-vcs | Permission to read virtual containers. | read | vcs |
| update-vcs | Permission to update virtual containers. | update | vcs |
Related Topics