Users and projects¶
Navigate to Users and projects to create a new project, register users who will work thereon, give or remove access to projects for users, configure notifications.
Note: For security reasons, we strongly recommend to use the administrator account for working in the Users and projects section only. For working in the Console section, we recommend you to use only additional accounts, created without administrator rights.
Users and projects¶
To give a user an access to CROC Cloud resources go to the main menu, select Users section and click Add user. In the opening dialog window, fill in all the fields. User ID may only contain lowercase Latin letters, digits, and symbols “.”, “_” and “-“. Remember the user ID format: firstname.lastname@example.org, where yourcompany.name is the Company’s name specified during the registration in CROC Cloud. We strongly recommend you to always specify user’s e-mail since it will be used for notifications about events, maintenance works and problems of projects which the user participates in.
You can change user permissions by clicking the user login.
In the Service grants section click Grant permissions to give a user administrative permissions to the Billing or Users services. You should click Revoke permissions to restrict to a user an administrative access.
It’s important to give service grants with proper attention. They allow users to see an information about all customer’s costs and to manage all customer’s users, projects and permissions.
You can manage users permissions in projects in the Projects section. It is possible to give or restrict an access to Infrastructure, File, Monitoring, Web remote console and Activity log services in projects. Also you can point specific actions for these services, which users are able to perform in projects. To give such access click the project ID and then Grant permissions button. To restrict user rights click Revoke permissions.
Activity log permissions allow users to control events in all projects of the customer, no matter for which project they’ve been given.
If you want to restrict the user’s access in all projects you can just delete this user from CROC Cloud.
You can create projects, manage users and their permissions in this section. Navigate to Projects section and click Add project. Project ID is used when operating with CROC Cloud API. Project ID restrictions are the same as those imposed on User ID.
Click project ID link in the list to navigate to a detailed information page. Click Add user button to add a user to the project. Be sure to specify the role of this user in the project.
Role is a set of rights, or actions the user is permitted to perform with project objects. Example: The user may launch and stop instances but may not delete them.
The following role templates are defined by default in CROC Cloud:
|Cloud administrator||Full set of rights to operate with instances and cloud object storage.|
|CloudTrail administrator (Activity log administrator)||Full set of rights to operate with Activity log service.|
|Storage administrator||Full set of rights to operate with cloud object storage.|
|VM administrator||Full set of rights to operate with instances.|
CloudTrail administrator role allows users to control events in all projects of the customer, no matter for which project they’ve been given.
You may also create your own roles and use them in day-to-day work (see Roles section). To create your own roles, you need to understand the CROC Cloud API.
You can change the permission set of a role template, but these changes will affect only new role assignments to users. The set of permissions for users who were previously assigned this role template won’t be changed.
CROC Cloud sends to users notifications about events, maintenance works, issues and etc. You can manage notification subscriptions in Notifications section.
In this section you can create, edit and delete contacts - e-mail addresses for Cloud notifications. Users who have email field filled are also displayed in this section. You can select event types for specified e-mail address on the contact information editing form.