As described in Overview of the Security Model, Multi-Tenancy is a great way to give a control of Opsview Monitor to your end users. It does so by allowing them to create new Hosts and further Roles and Users all within their own secure, private environment.
To use Multi-Tenancy, you must first ensure that your User’s Role has the CONFIGURETENANCIES option checked. This option is located within the Configuration tab, as shown below:
By default, this option is disabled. Once the option is enabled, you should be able to see Multi-Tenancy under the Configuration menu.
Adding a Tenancy
To add a new Tenancy, navigate to Multi-Tenancy within the Configuration menu and then click Add New.
Click on the Add New button which will display a window as shown below
In the above example, we are creating a new Tenancy based on the ‘Opsview Servers’ Role. This Role has access to view and modify only the hosts within the ‘Monitoring Servers’ Host Group, and can only view Service Checks on those Hosts that are within the service group ‘Application ’ Opsview’.
Note: Primary roles are not allowed to have any of the following accesses: ADMINACCESS, CONFIGURETENANCIES, CONFIGUREVIEW, CONFIGUREKEYWORDS, VIEWALL, ACTIONALL, TESTALL, NETFLOW, CONFIGURENETFLOW, REPORTADMIN, BSM, CONFIGUREBSM, CONFIGUREBSMCOMPONENT
After clicking ‘Submit’, the new Tenancy is added:
Once the primary role and the multi tenancy definition have been associated (Configuration > Multi-Tenancy) the primary role cannot be changed, although an administrator can edit the permissions for that role. Opsview will automatically ensure that all other roles in that tenancy will not have more permissions than the primary role.
Now, when a User with the ‘Opsview Servers’ role logs in, he will be able to add Hosts, create Roles (if the Role ‘Opsview Servers’ allows), and so on, all based on the Hosts and Service Checks that the primary Role is configured to allow Users to view and edit.