The ability of users to perform various actions in the Ravello console depends on the permissions assigned to that user. In Ravello, a user's permissions are determined by the permissions group to which the user is assigned.
Ravello is provided with two predefined permissions groups:
- Admin: This user has permissions for all Ravello functionality.
- User: The default Ravello user has read only permissions for all resource types.
Because the Ravello console might be used by different individuals in the enterprise for different purposes, Ravello enables the creation of customized permissions groups.
When a custom permissions group is created, it does not contain any permissions. The specific permissions must be added manually by the administrator. Different levels of permissions can be added for each resource type in keeping with the needs of your organization and the functionality required by different types of users. For example, you might want to grant finance department personnel access pricing information and edit payment method details, without granting them permissions to manage applications, VMs, and blueprints.
If a user is assigned to more than one permission group, that user inherits the combined permissions of both groups. For example, if one group assigns Read permissions for applications and another allows Read and Create permissions for application, a user that is assigned to both permissions groups can Read and Create applications.