Versions Compared

Old Version 7

changes.mady.by.user Tyler Brown

Saved on

compared with

New Version 17

changes.mady.by.user Aryn Wiebe

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Iguana X has a Role role based permission system to restrict user access to various Iguana system and Component component controls.

...

To perform actions a user needs the required permission. By default users do not have access to edit Iguana system settings - they By default, every Iguana instance has an admin user with full access to Iguana system and component controls. Any users created by the admin must be granted access permissions through the use of a role. To edit ‘roles’ for example a user would need to have a matching role tag that grants access to ‘Edit Roles’.

The only user that has all permissions granted to them by default is the admin user.

In Settings > Roles, the admin User can create custom #Role Tags with lists of granted permissions to be assigned to both Users and Components. Iguana system permissions will be applied to the User with the assigned #Role. Component permissions will only be in effect for components with the assigned #Role.

...

Create a Role

...

roles to perform any iguana system or component actions.

Roles contain a list of granted permissions and are assigned to users and components as #role Tags. There are two types of roles:

Expand
title1) User Role - assigned to users to grant Iguana system and component controls.

User Roles are assigned to users to grant Iguana system and component controls.

For example, you may have separate #roles for team members using Iguana based on their needs:

  • #dev who has full controls

  • #support who may only require access the logs, start/stop components and view scripts.

Screen Shot 2024-03-20 at 5.22.29 PM.pngImage Added
Expand
title2) Component Role - assigned to both a user and component(s) to apply permissions to particular components

These can be used when you have particular components that you want to place further restrictions on. For a Component Role to apply, the User (agent) and the component (target) must have matching #roles.

For example, critical components that may be used for operational purposes which do not need to be accessed by every user, a #critical role can be created and assigned to the component and the users who require access. Any user without the matching #critical role assigned, will not have the permissions on that #critical components.

Screen Shot 2024-03-20 at 5.22.47 PM.pngImage Added

Creating Roles

Expand
titleIn Settings > Roles, click Add and enter a #role name

  • Click Add Role at the top right corner of the Roles page.

  • In the Add a Role window, enter your Role Tag #role name and click Add.

Note: Tags are case sensitive and must match exactly when applied to Users and Components.

Screen Shot 2024-03-04 at 12.09.20 PM.png
Choose the the Iguana and Component
Expand
titleChoose Iguana and Component controls to grant Users and Components with this Role
the Role Type and use the check boxes to grant permissions to system and component controls

  • Choose the Role Type - User or Component.

  • Use the select all or check boxes to choose the the Iguana system and component controls you want to grant Users users and Components /or components with this Role role - click Save.

  • Once a Role role is created, it can be edited or deleted as required.

Screen Shot 2024-03-04 at 1.08.05 PM.pngImage Removed

...

Screen Shot 2024-03-20 at 5.39.07 PM.pngImage Added

Assigning Roles

Expand
titleIn Assign each user a User Role and optional Component Roles can be assigned to Users in Settings > Users , add the desired #Role to your User

In Settings > Users, click Edit on the User you wish to add a #Rolerole. You can add multiple Roles roles to a single User, each Role is additive and will provide the User the assigned access permissions.

Screen Shot 2024-03-04 at 1.06.47 PM.pngImage Removed

...

user to apply both User Roles and Component Roles.

Screen Shot 2024-03-20 at 5.34.01 PM.pngImage Added
To apply permissions to a component, you must add a tag to the component that matches with a role. Components without any tags that match to a role are ‘unsecure’ in that there are no permission restrictions applied to the component - ie. anyone can do anything to the component
Expand
titleTo assign a #Role, enter the Role in the Component Card Tags field
Component Roles must be assigned to both the required Users and the Components.

Component Roles are assigned to components in the Component Card Tags field.

  • Open a component card and enter the

#Role

  • #role in the Tags field. Once entered, a

Role

  • role related

Tag

In the Component Card Tags, you will see an alert stating that there are no matching role tags (no permissions applied), meaning that the User will have full component permissions available.

Screen Shot 2024-03-04 at 1.20.26 PM.pngImage Removed

  • tag will be bold and link you to the Role configuration if clicked.

  • If a #Role is not assigned to any components, the component related role permissions will be applied to all components. (this is not true)

  • If a #Role is assigned to select components, the component related role permissions will only be applied to the tagged components. The User will have full component related permissions on all other components.

Screen Shot 2024-03-04 at 1.23.38 PM.pngImage Removed

If a User applies a #Role tag which does not have Tag editing permission to a component, a warning will appear to confirm the change before applying the new permissions.

Screen Shot 2024-03-04 at 1.29.16 PM.pngImage Removed
Expand
titleWhat if a Component has no assigned #Role permissions?

  • you want to add a #role to multiple components, you can use Bulk Editing of Tags in the Bulk Action bar on the Dashboard.

Screen Shot 2024-03-20 at 5.45.07 PM.pngImage Added

Once unique Users and Roles are configured in your Iguana instance, if you have another User with full admin rights, you can delete the admin user. In the future if this needs to be restored, you can do so on the command line.