Abiquo 5.3

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

A resource scope is a scope that is assigned to a resource, such as a VM template or a VApp spec, and it controls resource sharing. Resources can usually have multiple scopes that work in conjunction with other access controls. For example, for administrators these are user role privileges, enterprise allowed datacenters, and user scope.

The administrator assigns the scopes to the resource itself and Abiquo gets the list of enterprises in the scopes and allows the users of those enterprises to access the resource. If the scopes are part of a hierarchy, then an administrator can share resources by selecting child scopes that are beneath their scope in the hierarchy.

For example, for virtual machine templates, the template scopes define a list of tenants whose users can access a shared template.

Pricing scope for pricing models

Abiquo controls access to pricing models with a simple resource scope, according to these rules:

  • When a user creates a pricing model, Abiquo automatically assigns the user's scope for tenants (which is a list of enterprises the user can manage). You cannot change this scope or display it in the UI.
  • Abiquo only allows users with the same tenant scope (who can administer exactly the same enterprises) to manage the user's pricing models
  • All users with pricing privileges can view the pricing model assigned to their own tenant

Scopes for VM templates and VApp specs

The administrator can use scopes to share VM templates and VApp specs.

Changes to scopes in 4.0

The administrator can manage shared templates and specs with scopes if they have the Allow user to switch enterprises privilege and administrator access to the resource in the enterprise that owns it. The administrator can share a template or spec with their own scope, other available scopes, or a child scope in their hierarchy.

The administrator can edit a template and add one or more available scopes including the global scope.The global scope means that users from all current and future enterprises can access this template.

When creating or editing a spec, the administrator can add one or more available scopes. 

Resource scope example

This example applies to template and spec scopes.

Unable to render {include} The included page could not be found.

  • No labels