Multi-Tenancy
As described in Overview of the Security Model, Multi-Tenancy is a great way to give a control of Opsview Monitor to your end users. It does so by allowing them to create new Hosts and further Roles and Users all within their own secure, private environment.
To use Multi-Tenancy, you must first ensure that your User’s Role has the CONFIGURETENANCIES
option checked. This option is located within the Configuration tab, as shown below:
By default, this option is disabled. Once the option is enabled, you should be able to see Multi-Tenancy under the Configuration menu.
Adding a Tenancy Copied
To add a new Tenancy, navigate to Multi-Tenancy within the Configuration menu and then click Add New.
Click on the Add New button which will display a window as shown below
In the above example, we are creating a new Tenancy based on an example Opsview Servers Role. This Role has access to view and modify only the hosts within the Monitoring Servers Host Group, and can only view Service Checks on those Hosts that are within the service group Application - Opsview.
Primary roles are not allowed to have any of the following accesses:
ADMINACCESS
AUTODISCOVERY
AUTOMONITOR
CONFIGURETENANCIES
CONFIGUREVIEW
CONFIGUREKEYWORDS
VIEWALL
ACTIONALL
TESTALL
NETFLOW
CONFIGURENETFLOW
REPORTADMIN
BSM
CONFIGUREBSM
CONFIGUREBSMCOMPONENT
After clicking ‘Submit’, the new Tenancy is added:
Once the primary role and the multi tenancy definition have been associated (Configuration > Multi-Tenancy), the primary role cannot be changed, although an administrator can edit the permissions for that role. Opsview will automatically ensure that all other roles in that tenancy will not have more permissions than the primary role. So when a User with the Opsview Servers role logs in, they can add Hosts and create Roles if the Role Opsview Servers allows, which are all based on the Hosts and Service Checks that the primary Role is configured to allow Users to view and edit.