Creating a User-Defined Role
You can create custom roles to grant users different access rights to the Connectivity Services Director modes. Connectivity Services Director modes—Report, Deploy, Monitor, Fault, and Build are available to assign to custom user roles in the list of application workspaces and associated tasks
Junos Space Network Management Platform provides read-only predefined roles—that is, Super Administrator, System Administrator, or User Administrator—that you can use to create users to perform tasks that these roles permit. You can also create read-write user-defined roles that conform to user responsibilities and access privileges required on your network. You can modify and delete only user-defined roles that you create. You cannot modify or delete predefined roles.
The following predefined roles are applicable for Connectivity Services Director to handle different operations for devices and services with varying privileges and permissions:
The Device Manager role allows an administrator to discover devices.
The Service Manager role allows an administrator to perform device pre-staging actions including discovering and assigning device roles.
The Service Designer roles allows an administrator to create and publish a service definition.
The Service Activator (less privileged) role allows an administrator to perform provisioning tasks including creating and managing customers, service orders, and services.
For the Service Manager, Service Designer, and Service Activator user roles that are present in Services Activation Director, the roles are migrated with additional access privileges to enable access to the different lifecyle modes of Connectivity Services Director after upgrading to Connectivity Services Director, Release 1.0.
To create a user-defined role:
- On the Junos Space Network Management Platform user interface,
select Role Based Access Control > Roles.
The Roles page appears.
- Click the Create Role icon on the menu bar.
The Create Role page appears, allowing you to select workspaces and associated tasks from all deployed applications.
- In the Title text box, type a user-defined
The role title cannot exceed 32 characters. The title can contain only letters and numbers and can include a hyphen (-), underscore (_), or period (.). Also, the title cannot start with a space.
- In the Description text box, type a user-defined
The role description cannot exceed 256 characters. The description can contain only letters and numbers and can include a hyphen (-), underscore (_), period (.), or comma (,).
- Select an application workspace from the application selection
Mouse over an application workspace icon to view the application and workspace name. You can select one or more workspaces per user-defined role. An expandable and collapsible tree of associated tasks appear below the selection ribbon for you to modify specific tasks that you want included in the Task Summary pane.
- Select the specific tasks that you want for the user-defined
role. All application workspace tasks are selected by default in the
Only the currently edited application workspace node is expanded in the Task Summary pane; previously selected workspace nodes are collapsed. You can expand other workspace nodes manually.
Selecting the top node or workspace selects or deselects the whole task tree. Selecting any task node automatically selects all tasks under the task node. Selecting any task node automatically selects its parent and grandparent.
Only the currently active task tree appears in the Task Summary pane.
In the Task Summary pane, the top-level application node in the tree is set in bold-italic; the second-level workspace tree node is set in bold.
- Click Create.
The user-defined role is created, saved, and appears on the Roles inventory page.
Scroll down or search to view it.
You cannot create or save a user-defined role when the workspace tasks are not selected. Junos Space throws the following error message:
Task tree selection can not be empty.
Creation of a role generates an audit log entry.