Page Comparison

Iguana X has a Role role based permission system to restrict user access to various Iguana system and Component component controls.

...

To perform actions, a User needs the required permission. The only user that has all permissions granted to them by default is the admin user. By default, all other Users do not have access to edit Iguana system settings - they By default, every Iguana instance has an admin user with full access to Iguana system and component controls. Any users created by the admin must be granted access permissions through the use of Role Tags. For example, to edit ‘roles’ a User would need to have a matching #Role Tag that grants access to ‘Edit Roles’.

In Settings > Roles, the admin User can create custom #Role with lists of granted permissions to be assigned to both Users and Components.

• Iguana system permissions will be applied to the User with the assigned #Role.

• Component permissions will only be in effect for components with the assigned #Role in the Component Card Tags. The User #role does not need to match the Component #role, the component #role permissions trump.

...

Create a Role

...

roles to perform any iguana system or component actions.

Roles contain a list of granted permissions and are assigned to users and components as #role Tags. There are two types of roles:

Expand
title 1) User Role - assigned to users to grant Iguana system and component controls.
User Roles are assigned to users to grant Iguana system and component controls. For example, you may have separate #roles for team members using Iguana based on their needs: #dev who has full controls #support who may only require access the logs, start/stop components and view scripts. Image Added

Expand
title 2) Component Role - assigned to both a user and component(s) to apply permissions to particular components
These can be used when you have particular components that you want to place further restrictions on. For a Component Role to apply, the User (agent) and the component (target) must have matching #roles. For example, critical components that may be used for operational purposes which do not need to be accessed by every user, a #critical role can be created and assigned to the component and the users who require access. Any user without the matching #critical role assigned, will not have the permissions on that #critical components. Image Added

Creating Roles

Expand
title In Settings > Roles, click Add and enter a #role name
Click Add Role at the top right corner of the Roles page. In the Add a Role window, enter your Role Tag #role name and click Add. Note: Tags are case sensitive and must match exactly when applied to Users and Components.

Expand
title Choose Iguana and Component controls to grant Users and Components with this Role	the Role Type and use the check boxes to grant permissions to system and component controls
Choose the Role Type - User or Component. Use the select all or check boxes to choose the the Iguana system and Component component controls you want to grant Users users and Components /or components with this Role role - click Save. Once a Role role is created, it can be edited or deleted as required. Image Removed

...

Image Added

Assigning Roles

Expand
title In Assign each user a User Role and optional Component Roles can be assigned to Users in Settings > Users , add the desired #Role to your User
Expand
title	In Settings > Users, click Edit on the User you wish to add a #Rolerole. You can add multiple Roles roles to a single User, each Role is additive and will provide the User the assigned access permissions. Image Removed

Assign Roles to Components

Components without any tags that match a Role are considered ‘unsecure’ with no permission restrictions applied to the component - ie. anyone can do anything to the component. To apply permissions to a component, you must add a Tag to the component that matches a Role.

Expand
title Components without tags that match a Role have no permission restrictions applied
In the Component Card Tags, you will see an alert stating that there are no matching role tags (no permissions applied), meaning that the User will have full component permissions available. Image Removed

user to apply both User Roles and Component Roles. Image Added

Expand
title Component Roles must be assigned to both the required Users and the Components.
Component Roles are assigned to components in the Component Card Tags field. Open a component card and enter the #Role #role in the Tags field. Once entered, a Role role related Tag tag will be bold and link you to the Role configuration if clicked. If a #Role is assigned to select components, the component related role permissions will only be applied to the tagged components. The User will have full component related permissions on all other components. Image Removed If a User applies a #Role tag which does not have Tag editing permission to a component, a warning will appear to confirm the change before applying the new permissions. Image Removed you want to add a #role to multiple components, you can use Bulk Editing of Tags in the Bulk Action bar on the Dashboard. Image Added

Once unique Users and Roles are configured in your Iguana instance, if you have another User with full admin rights, you can delete the admin user. In the future if this needs to be restored, you can do so on the command line.