Updated on 2024-09-24 GMT+08:00

Creating a Custom Role

In a bastion host, default roles include DepartmentManager, PolicyManager, AuditManager, and User. This topic walks you through how to create a custom role.

Constraints

  • Only system administrator admin can create a system role.
  • To obtain permissions for the user group and account group modules, configure the User and Account modules.

Creating a Role

  1. Log in to your bastion host.
  2. In the navigation pane on the left, choose User > Role to go to the role list page.
  3. On the displayed page, click New in the upper right corner of the page. In the displayed New Role dialog box, complete required parameters

    Table 1 Parameters for creating a role

    Parameter

    Description

    Role

    Specifies the role name.

    The value of Role must be unique in a bastion host and cannot be changed after it is created.

    Managing Permission

    Specifies whether to enable permission management for the role.

    Users assigned with management permissions can select a superior department when they create a resource or user.

    • Enable: The role has the management permissions and users with this role granted can view the data of their departments and lower-level departments.
    • Disable: The role has no management permissions.

    Remarks

    (Optional) Provides supplementary information about the role.

  4. Click Next. In the displayed dialog box, configure system module permissions for the role.

    • Select a system module and specific actions: the role has permissions for the module and selected actions.
    • Select only a system module: The role has only the permission to view the module.

  5. Click OK. You can then view the created role in the role list.