Automox supports six role-based access controls (RBAC). The user roles and permissions are described here:
Note:
Global Administrators have complete control of the Automox account. Zone Administrators only have control of the zone they are assigned to. You can also assign a zone administrator access to the Global View, in which the permissions for the account management are excluded.
It is recommended to keep the number of Global Administrators to a minimum.
Only Global Administrators can invite users to an account.
Permissions | Zone Administrator | Zone Operator | Patch Operator | Billing Administrator | Read Only |
---|---|---|---|---|---|
Billing |
|
|
|
|
|
| X |
|
| X |
|
| X |
|
| X | X |
Devices |
|
|
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X | X | X | X |
| X | X | |||
Groups |
|
|
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X | X |
|
|
| X | X | X | X | X |
Package (Software) |
|
|
|
|
|
| X | X |
|
|
|
| X | X | X | X | X |
Patch Policy |
|
|
|
|
|
| X | X | X |
|
|
| X | X | X |
|
|
| X | X | X |
|
|
| X | X | X |
|
|
| X | X | X | X | X |
| X | X |
|
|
|
RBAC Roles |
|
|
|
|
|
| X |
|
|
|
|
| X |
|
|
|
|
| X |
|
|
|
|
| X | X | X | X | X |
Reports |
|
|
|
|
|
| X | X | X | X | X |
Required Software Policy |
|
|
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X | X |
|
|
| X | X | X | X | X |
SAML |
|
|
|
|
|
| X | X | X | X | X |
| X |
|
|
|
|
| X |
|
|
|
|
Software |
|
|
|
|
|
| X | X | X | X | X |
TFA (two-factor authentication) |
|
|
|
|
|
| X |
|
|
|
|
| X |
|
|
| X |
| X |
|
|
|
|
| X |
|
|
|
|
Users Preferences |
|
|
|
|
|
| X |
|
| X | X |
|
|
|
|
|
|
Users |
|
|
|
|
|
| X |
|
|
|
|
| X |
|
|
|
|
| X |
|
|
|
|
| X |
|
| X | X |
Worklets |
|
|
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X |
|
|
|
| X | X | X |
|
|
| X | X | X | X | X |
Zone |
|
|
|
|
|
| X |
|
|
|
|
| X |
|
|
|
|
| X | X | X | X | X |
Zone Preferences |
|
|
|
|
|
| X |
|
|
|
|
| X | X |
| X | X |
Role Summaries
Zone Administrator: Provides full administrative rights to a specific zone. For zones with a Complete plan, this role can access devices with remote control.
Zone Operator: A zone operator (formerly patch administrator) can create, read, modify, and delete all policies and server groups for a zone(s). They can add, remove, and reboot devices. For zones with a Complete plan, this role can access devices with remote control.
Patch Operator: A patch operator can create, modify, and delete patch policies. They can view and run worklets and required software policies. They do not have permission to create or modify worklets and required software policies. They can add, remove, and reboot devices.
Billing Administrator: Provides full read rights in addition to the ability to view and edit billing information.
Read Only: Provides full read rights to a specific zone.
User preferences, such as notifications and password, can only be modified by the user.
Comments
0 comments
Article is closed for comments.