Multi-Tenancy

Learn about Multi-Tenancy for end Users in Opsview Cloud

As described in Overview of the Security Model, Multi-Tenancy is a great way to give a control of Opsview Cloud to your end users. It does so by allowing them to create new Hosts and further Roles and Users all within their own secure, private environment.

To use Multi-Tenancy, you must first ensure that your User's Role has the CONFIGURETENANCIES option checked. This option is located within the 'Configuration' tab, as shown below:

883883

By default, this option is disabled. Once the option is enabled, you should be able to see 'Multi-Tenancy' under the Configuration menu.

Adding a Tenancy

To add a new Tenancy, navigate to 'Multi-Tenancy' within the Configuration menu. A screen similar to the one below is displayed:

11571157

Click on the 'Add New' button which will display a window as shown below.

583583

In the above example, we are creating a new Tenancy based on the 'Opsview Servers' Role. This Role has access to view and modify only the hosts within the 'Monitoring Servers' Host Group, and can only view Service Checks on those Hosts that are within the service group 'Application ' Opsview'.

Note: Primary roles are not allowed to have any of the following accesses: ADMINACCESS, CONFIGURETENANCIES, CONFIGUREVIEW, CONFIGUREKEYWORDS, VIEWALL, ACTIONALL, TESTALL, NETFLOW, CONFIGURENETFLOW, REPORTADMIN, BSM, CONFIGUREBSM, CONFIGUREBSMCOMPONENT

After clicking 'Submit', the new Tenancy is added:

11521152

Note: Once the primary role and the multi tenancy definition have been associated (Configuration --> Multi-Tenancy) the primary role cannot be changed, although an administrator can edit the permissions for that role. Opsview will automatically ensure that all other roles in that tenancy will not have more permissions than the primary role.

Now, when a User with the 'Opsview Servers' role logs in, he will be able to add Hosts, create Roles (if the Role 'Opsview Servers' allows), and so on, all based on the Hosts and Service Checks that the primary Role is configured to allow Users to view and edit.