Users
Users are organization's members that have a RosettaHub account, they could have zero, one or multiple cloud accounts that are consolidated under the organization's master cloud accounts. Users have a defined access perimeter which are defined by cloud account policies that are managed by RosettaHub following a RBAC model. The accounts of the users are fully monitored using tools such as AWS Lambda/Cloud Functions, AWS Cloudwatch/GCP alerts, AWS Cloudtrail/GCP sinks etc. Each user also has a default cloud storage, a default network file system and default RosettaHub keys that help them manage their data and launch instances from the RosettaHub console.
Organization Managers can take many actions on users which range from giving/removing access, changing budgets to fully administering their accounts if they have SUPERUSER role on the users.
Accounts actions:
Show Cloud Accounts: Show the cloud accounts associated with the selected users
Create Cloud Accounts: create cloud accounts for the selected users
Set Type: Sets the type of a registration. Valid types depend on your organization and can be one of the following: User, Manager, Researcher, Educator, IT or Student
Organization actions:
Managers can add or remove users from sub-organizations on which they have ADMIN or SUPERUSER roles
Add to Organization: Users that are added to an organization see their limits upgraded to the limits of the organization
Remove From Organization: Users that are removed from an organization do not see their limits changed
Email Actions:
Send Credentials: Sends the user a link via email to reset his/her credentials
Update Email: Changes the email of the user, this is only possible if the email associated to the account is marked as invalid
Permissions actions
The users’ perimeter cannot be larger than the one of the organization's CPOC. If you would like to get more permissions for the CPOC account please contact RosettaHub.
Set Limits: Set limits for a user's cloud accounts: maximum number of machines, maximum storage size etc.
Assign Roles to User: Set a user’s assigned roles. Regions, services, and instance types are mapped to RosettaHub roles, adding or removing such roles changes the allowed perimeter of actions for the user's cloud accounts
Superuser actions:
Actions under Superuser are for managers who have a role of SUPERUSER on the users that they manage.
Masquerade as: Masquerades as a user, you will be logged in to RosettaHub as the user, it is not possible to un-masquerade
Masquerade as(show all): same as"Masquerades as" but you will be able to see everything on the console even the features that the actual user don't have due to his role permissions
Update password: update the selected user's password
Delete: delete the selected user, all cloud accounts associated with the user are fully cleaned and moved to a cloud account pool so that they can be assigned to new users