CloudShell Version: 9.0 GA

Help Version: 2.1

CloudShell
TestShell
Api Guide
View / Download All Help Versions
Online Help

CloudShell User Permission Levels

This article lists the different actions each user type can perform in CloudShell. In the tables below, supported actions are indicated in green while unsupported actions are red.

For more information about group roles and access levels, see Managing CloudShell Groups.

Note: In the tables below, "View Only access" indicates the permissible actions for users who are members of a group that is defined as View Only in the domain. For more information, see Associating groups with a domain.

Blueprints

The following table shows which actions are available for each CloudShell user type in a blueprint.

The permissible actions in a blueprint for users other than the blueprint owner are determined by a combination of the user type, group's role (regular, domain, external), and the group's access level (whether the group is defined as View Only in the current domain).

Note: For brevity, the "Edit" action indicates the user type can create, edit and delete the element.

* indicates that the action is available to the blueprint owner

** indicates that the option can be hidden from non-admin users with the BlockPackageExportForNonAdmins key, see Block non-admin users from exporting a blueprint package.

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External

Extended external

View the list of blueprints

v

v

v

v

v

v

View the blueprint diagram

v

v

v

v

v

v
Create blueprints

v

v

v

v

x

x

Edit blueprints

v

v

x *

x

x

x

Reserve blueprints

v

v

v

x

x

v
Export blueprint packagesvvv **v **xx

Sandboxes

The permissible actions in a sandbox are determined by a combination of the user type, group's role (regular, domain, external), and the group's access level (whether the group is defined as View Only in the current domain), and the current sandbox status.

Permissible actions according to user type

The following table shows which actions are available for each CloudShell user type (that is not a permitted user) in a sandbox. Note that sandboxes of other users in the domain can be hidden from regular users using the ShowOtherUserInDomainReservations key.

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External user

View the list of sandboxes

v

v

v

v

x

View the sandbox diagram

v

v

x

x

x

Edit the sandbox (form)

v

v

x

x

x

Extend the sandbox

v

v

x

x

x

End the sandbox

v

v

x

x

x

Delete the sandbox

v

v

x

x

x

Terminate the sandbox

v

v

x

x

x

Execute commands

v

v

x

x

x

Interact with the sandbox during setup

v

v

x

x

x

Launch applications

v

v

x

x

x

Save sandbox as blueprint

v

v

xxx
Save the sandboxvvxxx

Permissible actions for permitted users

The following table shows which actions are available for permitted users in a sandbox (users that were added by the sandbox owner to the sandbox as Permitted Users).

* indicates that the action is available to extended external users

Sandbox actions

Permitted - regular

Permitted - view only

Permitted - external

Permitted - extended external

View the list of sandboxes

v

v

v

v

View the sandbox diagram

v

v

v

v

Edit the sandbox (form)

v

x

x

v

Extend the sandbox

v

x

x

v

End the sandbox

v

x

x

v

Delete the sandbox

x

x

x

x

Terminate the sandbox

x

x

x

x

Execute commands

v

x

v

v

Interact with the sandbox during setup

v

x

x

v

Launch applications

v

x

v

v
Save sandbox as blueprintvx

x

x
Save the sandboxvxx v

Permissible actions according to sandbox status

The following table shows the available actions in a sandbox for each sandbox status.

Action

Pending

Setup

Active

Teardown

Completed

Overtime

Saving

View the list of sandboxes

v

v

v

v

v

v

v

View the sandbox diagram

v

v

v

v

v

v

v

Edit the sandbox (form)

v

v

v

xx

v

v

Extend the sandbox

v

v

v

x

x

v

v

End the sandbox

x

v

v

x

x

v

v

Delete the sandbox

vxxxvxx

Terminate the sandbox

x

x

x

v

x

v

x

Execute commands

x

x

v

x

x

v

x

Interact with the sandbox during setup

x

v

v

x

x

x

x

Launch applications

x

x

v

v

x

v

x
Save the sandboxxxvxxxx

Saved Sandboxes

The following table shows which actions are available for each CloudShell user type in a saved sandbox.

Action

System admin

Domain admin

Regular user

View-only access

External user

Extended external user

Restore a saved sandbox

v

v

v

x

x

v

Delete a saved sandbox

v

v

v

x

x

v

View my saved sandboxes

v

v

v

x

x

v

View list of all saved sandboxes

v

v

x

x

x

x

Job Scheduling dashboard

The following table shows which actions are available for each CloudShell user type in the Job Scheduling dashboard. Note that admins can allow regular users to edit and create suite templates using the AllowRegularUsersToEditSnQ key.

Note: For brevity, the "Edit" action indicates the user type can create, edit and delete the element.

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External/extended user

Edit suite templatevvxxx
Customize suite templatevvvxx

View execution reports

vvvxx
Run suite template executionvvvxx
Extend suite template executionvvvxx
Stop suite template executionvvvxx
AdHoc suitevvvxx

Inventory dashboard

The following table shows which actions are available for each CloudShell user type in the Inventory dashboard.

Note: For brevity, the "Edit" action indicates the user type can create, edit and delete the element.

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External/extended user

View resourcesvvvvx
Edit resourcesvvxxx
Reserve resourcesvvvxx
Search within resourcesvvvvx
View abstract resource templatesvvvvx
Edit abstract resource templatesvvxxx
View servicesvvvvx

Insight dashboard

If Sisense is configured to work with SSO from CloudShell, the first time a CloudShell user (any user role) logs in to Insight, a user is created in Sisense with Viewer permissions (CloudShell user must have an email). For designer or admin privileges, customize the user’s role in Sisense or contact Quali Support.

For information about Sisense user permissions, see Sisense Documentation.

Manage dashboard

The following table shows which actions are available for each CloudShell user type in the Manage dashboard. This only applies to system administrators and domain administrators as other user types cannot access this dashboard.

Note: For brevity, the "Edit" action indicates the user type can both view and edit the element.

** indicates that the user type can only access the element in their own domain.

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External/extended user

Edit Appsvv **xxx
Edit Categoriesvxxxx
Edit Shells (See Shells below)vxxxx
View Licensingvxxxx
Edit Domainsvv **xxx
Edit Execution Serversvxxxx
Edit JavaScript Extension xxxx
Edit Blueprint Templatesvvxxx
Edit Scriptsvv **xxx
Edit Driversvv **xxx

Shells

The following tables show which Shell management actions are available for each CloudShell user type.

1st Gen Shells

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External/extended user

Import

v

v

vvx
Modify (Resource Manager Client)

v

v

xxx

2nd Gen Shells

Action

System Administrator user

Domain administrator user

Regular user

View-only access

External/extended user

Importvxxxx
Add custom attributesvxxxx
Upgradevxxxx
Download from CloudShellvxxxx
Deletevxxxx