Custom roles configuring
In some cases, the built-in ADCM roles functionality is not enough to grant the users sufficiently granular access. In this case, you can create a new role with appropriate permissions.
The process of creating a new role is described at the Creating roles page.
Example
Let’s assume that we need a role that only allows to run any check action on a cluster. In order to create it, we have to include the Cluster Action: Check and Service Action: Check permissions. We create a new role with those permissions included and name it Cluster action check.
We create a new policy (Action check) to implement the Cluster action check role. We select the user user to be affected by this policy.
We select the Hive service and the ADH cluster for the Action check policy.
After the Action check policy is created, the user is able to run check actions for the ADH cluster and the Hive service.
If we didn’t include the Service Action: Check permission into the Cluster action check role, we wouldn’t be able to select any service when creating the Action check policy. The objects available to select when creating a new policy depend on the permissions included in the role a new policy is based on.