Rachel works in the IT department, and is responsible for managing user accounts in Red Hat Enterprise Virtualization. She needs permission to add user accounts and assign them the appropriate roles and permissions. She does not use any virtual machines herself, and should not have access to administration of hosts, virtual machines, clusters or data centers. There is no built-in role which provides her with this specific set of permissions. A custom role must be created to define the set of permissions appropriate to Rachel's position.
The custom role shown above allows manipulation of users, permissions and roles. These actions are organized under
System
- the top level object of the hierarchy shown in
Figure 5.3, “Red Hat Enterprise Virtualization Object Hierarchy”. This means they apply to all other objects in the system. The role is set to have an
Account Type of
Admin. This means that when she is assigned this role, Rachel can only use the Administration Portal, not the User Portal.