Configure custom roles
In some cases, the built-in ADCM roles functionality is not enough to grant the users sufficiently granular access. In this case, you can create a new role with appropriate permissions.
The process of creating a new role is described on the Creating roles page.
Example
Let’s assume that we need a role that only allows to run any check action on a cluster. In order to create it, we have to include the Cluster Action: Check
and Service Action: Check
permissions. We create a new role with those permissions included and name it Cluster action check
.
![The Cluster action check role](_images/custom-roles-1.png)
We create a new policy (Action check
) to implement the Cluster action check
role. We select the user
user to be affected by this policy.
![The first step of creating the Action check policy](_images/custom-roles-2.png)
We select the Hive
service and the ADH
cluster for the Action check
policy.
![The second step of creating the Action check policy](_images/custom-roles-3.png)
After the Action check
policy is created, the user
is able to run check actions for the ADH
cluster and the Hive
service.
If we didn’t include the Service Action: Check
permission into the Cluster action check
role, we wouldn’t be able to select any service when creating the Action check
policy. The objects available to select when creating a new policy depend on the permissions included in the role a new policy is based on.