Abiquo provides a set of default roles and you can clone and modify them to create new roles. The following table describes the default roles. See Privileges for a list of the privileges for each role.
Manages the physical infrastructure and configurations in order to offer a cloud service. The privileges of this role cannot be modified. The default "admin" user has this role and the unlimited global scope. There must always be at least one user with this role and the global scope, but it does not have to be the default admin user. This role can be cloned, for example, to create administrators with a scope that restricts them to certain datacenters and enterprises.
Manages configurations at enterprise level and grants access to other enterprise users. This role is for users that are responsible for an enterprise to manage their cloud services. By definition, users with this role are restricted to administering their own enterprise.
Manages the virtual appliances of an enterprise. Typically, this role is for users working with the cloud service. By definition, users with this role are restricted to their own enterprise.
|OUTBOUND_API||User for the M module that stores Events in the API and streams them in the Outbound API. The default privileges of this role allow it to read all events.|
|ENTERPRISE_VIEWER||Allows read-only access to the cloud platform. A user with this role can access a VDC and view VApps, VMs and VM details.|