Creating and Managing Groups
You can organize users into groups based on your organizational needs or other criteria and assign specific roles to the groups, simplifying the management of roles across your Organization versus having to assign roles to individual users. This is known as Role Inheritance. Role inheritance is a powerful feature for granting roles to a user across all accounts in an Organization. Simply grant the necessary role at the Organization level, and the role will be inherited down to all accounts within it.
Groups are found within the Groups page (Administration > Identity Management > Groups). The Groups page provides a list of all the current groups. Once you select a group, its slideout is displayed, showing the editable group name in the header and the following tabs:
|
•
|
Orgs & Accounts—Displays check boxes for all SBOM Insights roles and provides administrators the ability to grant roles at the Organization or account level to a specific Organization or account. The roles are grouped by capability in accordion sections that can be minimized or expanded. Any checked boxes show the roles that are currently granted for that group. |
|
•
|
Billing Centers—Displays what permissions, if any, the currently selected group has on individual billing centers. If the group has permissions and the current has users to add billing centers, the Add Billing Centers button appears on this tab. |
|
•
|
Users—Displays a list of users that can be added or removed from the group. If there are any users already in the group, those users appear at the top of the list (with check boxes selected). |
|
•
|
Info—Displays the Created and Last updated dates for the group. |
All inherited roles are shown explicitly and can only be modified at the level they were assigned. The following subsections provide steps to create and manage user groups:
Creating User Groups
To create a user group, perform the following steps.
To create a user group:
|
1.
|
Go to the Groups page (Administration > Identity Management > Groups). |
|
2.
|
Click the Create New Group button. A Create New Group pane is displayed. |
|
3.
|
In the Create New Group section, enter the following: |
|
•
|
Name—Enter the name of the group. |
Note:Ensure Group names are unique and do not start with initial spaces. All printable UTF-8 non-whitespace characters are allowed.
|
•
|
Description—Enter a description of the group. |
The group record is created and added to the list of SBOM Insights groups on the Groups page. The slideout for the newly created group reappears so that you can now make edits or additions to information on any of its tabs (Orgs & Accounts, Billing Centers, Users, and Info).
Editing User Groups to Apply Roles at the Organization or Account Level
To edit a user group in order to apply roles at the Organization level or account level, perform the steps shown in this section. Keep in mind that accounts are scoped to an Organization. (An Organization is a container for users, groups, and accounts).
For descriptions of SBOM Insights roles, refer to SBOM Insights Roles.
To apply roles to an existing user group:
|
1.
|
Go to the Groups page (Administration > Identity Management > Groups). |
|
2.
|
Click the name of the group you wish to edit. You can use the filter on the Group name column to help you find the group for which you are searching when the list of groups is large. |
When you click the group name, the group record is populated, showing the Orgs & Accounts, Billing Centers, Users, and Info tabs.
|
3.
|
With the group selected in the previous step, do either of the following: |
|
•
|
To change the roles associated with the Organization: |
|
a.
|
Click the Roles tab. The Roles for organization: organization name information is displayed. |
|
b.
|
In the Roles for organization: organization name page, click to select roles that should be added to the group for the Organization shown, and deselect any roles you want removed. |
|
•
|
To change the roles associated with the account: |
|
a.
|
Click the Roles tab. The Roles for organization: organization name information is displayed. |
|
b.
|
Click the Jump To Accounts button and ensure that you see the Accounts header at the top of the slideout. This lets you know you are making changes to the account level and not the Organization level. |
|
c.
|
Within the Accounts section of the Roles tab, click to select roles that should be added, and deselect any roles you want removed. |
Deleting User Groups
To delete a user group, perform the following steps.
To delete an existing user group:
|
1.
|
Go to the Groups page (Administration > Identity Management > Groups). |
|
2.
|
Click the name of the group you wish to delete. You can use the filter on the Group name column to help you find the group for which you are searching when the list of groups is large. |
When you click the group name, the group record is populated.
|
3.
|
Click the Delete button at the bottom of the group record. |
A confirmation message appears.
|
4.
|
Click Delete to confirm. |