✌️Role Management
2.1. Role Management
2.1.1. Role Overview
Role: The role of the user within the organization, defining the permissions that the user is capable of performing.
Currently, FPT IAM supports two basic roles: Super Admin and Readonly. Users can create Custom Roles with customizable permissions.
2.1.2. View role list
You can view and manage the list of created roles on the Roles management page.
To open Roles Management, follow these steps:
On the FPT Portal, under IAM, select Roles. The system will display a list including both Basic Roles and Custom Roles with the following information:
Name, Type (of role), Description, Status, Created at.
Number of groups: the number of groups currently assigned to the role
Actions: Delete, Edit Basic Information, Edit Permissions
2.1.3 Create and assign permissions to roles
To create a new Custom Role, follow these steps:
In the menu, select IAM > Roles, then choose Create Role.
On the Create role page, enter the required information
Name: Choose a name for the role (Required field - Name limits up to 100 characters. Only letters, numbers, underscores, hyphens, spaces, and dots are allowed. - Names cannot be duplicated).
Description: Describe the role. This field is optional.
Permissions: consists of 3 components
Service type to be granted permissions: list of services on the system (compute, storage, networking, etc.)
Action: Actions of the feature filtered by service type (e.g., Create Instance, Edit Instance, Delete Instance, etc.)
Resource: resources that the authorized user can interact with
Select Service type
The user clicks on the dropdown list to select the service type
Select Action
After the user selects the service type, the system will display a list of actions for that service
The user selects an action to assign permissions
Select the resource the user is authorized to act on. There are two options:
All: grant permissions for all resources on the tenant (all Projects and VPCs belonging to the tenant)
Specific: grant permissions to specific resources
For virtual machine services: users can assign permissions to individual virtual machines
For other services: users can grant permissions at the Project or VPC level
Select Create, and the system will proceed to create and notify the result.
2.1.4. View Role Details
In the menu, select IAM > Roles, and the system will display the Role Management page.
Select the role whose information you want to view from the list. The system will display the Name, Description, and Permissions list for the role.
2.1.5. Edit Role & Permissions
You can change the information and permissions of Custom Roles by following these steps.
In the menu, select IAM > Roles. The system will display the Role Management page.
Select Action at the end of the Custom Role you want to update from the list.
Select Edit Basic Information or Edit Permissions.
Change the Role information
Edit Basic Information
Edit Permissions
Note: When a role changes, it will affect the access rights of all Users in the User Groups assigned that role.
2.1.6 Deleting Roles
For Custom Roles that are no longer needed, you can delete them by following these instructions:
In the menu, select IAM > Roles, and the system will display the Role Management page.
Select Action at the end of the Custom Role you want to delete from the list. Select Delete.
Confirm the warning information in the popup and select Delete.
Note: You can only delete a Role from the system if it is not currently associated with any User Group.
Last updated
Was this helpful?