Groups
The cloud user group corresponds to the user group on the public cloud, through which users with the same responsibilities can be classified and authorized, etc.
Sync rules
- From local to cloud: When a cloud user group created locally is associated with a cloud user, it will be synchronized to the corresponding public cloud platform, and a cache record will be created, i.e. the mapping relationship between local and cloud. When the cloud user group permissions are modified locally, it will be synchronized to the public cloud platform.
- From cloud to local: When the platform adds a public cloud account, the user groups on the public cloud will be synchronized to local, and the user groups with identical permissions will be merged into one locally (only cloud user groups with the same domain are supported), and a cache record will be generated, i.e. the mapping relationship between local and cloud. Permissions of permission groups are modified on the cloud, but not changed locally. Only permissions within the permission group are allowed to be overwritten from the local to the cloud synchronization.
Entry: In the cloud management platform click on the top left corner of navigation menu, and click “Multicloud/Cloud Accounts/Groups” menu item in the left menu bar that pops up to enter the Groups page.
Create group
This function is used to create a group. When a group is created, it will not be synchronized with the corresponding platform, but will be cached to the corresponding public cloud platform only when the cloud user group is associated with cloud users. Please make sure you have a cloud account on the corresponding platform before creating a group.
- On the Groups page, click the “Create” button at the top of the list to bring up the Create Groups dialog box.
- Set the following parameters.
- Specify Domains: Select the domain to which the cloud user group belongs.
- Name: Set the name of the cloud user group.
- Platform: Select the platform to which the cloud subscriber group belongs.
- Permissions: Select the permissions to be granted to the cloud subscriber group, and support fuzzy search for permissions by name and description. In the selected permissions, it supports clicking on the right side of a permission icon to deselect the policy.
- Click the “OK” button to complete the operation.
Sync Status
This function is used to synchronize the current status of the cloud subscriber group.
- On the cloud subscriber group page, click the “Sync Status” button on the right action bar of the cloud subscriber group to synchronize the status of the cloud subscriber group.
Associate cloud subscriber
This function is used to associate a cloud subscriber with a cloud user group. After associating a cloud subscriber, the cloud subscriber group will be synchronized to the corresponding public cloud platform, and a cache record will be created.
- On the cloud user group page, click the “More” button on the right action bar of the cloud user group, and select the drop-down menu “Associate Cloud User” menu item to bring up the Associate Cloud User dialog box.
- Select the cloud subscriber and click the “OK” button to complete the operation.
Associate Permissions
This function is used to manage the permissions of the cloud subscriber group.
- On the cloud user group page, click the “More” button on the right action bar of the cloud user group and select the drop-down menu “Associate Permissions” menu item to bring up the Associate Permissions dialog box.
- Select the permissions that need to be granted to the cloud user group, and support fuzzy search for permissions by name and description. Among the selected permissions, it supports clicking on the right side of a permission icon to deselect the policy.
- Click the “OK” button to complete the operation.
Change Domain
This function is used to change the domain to which the cloud subscriber group belongs.
Description
Conditions for changing the domain: Both are required
- The current user is in the system backend.
- Three-level Resource Hierarchy are enabled in OneCloud .
- The shared scope of the cloud user group is private.
- On the cloud user group page, click the “More” button on the right action bar of the cloud user group and select the drop-down menu “Change Domain” menu item to bring up the Change Domain dialog box.
- Click the “OK” button to complete the operation.
Set up sharing
This function is used to set the sharing scope of the cloud subscriber group.
There are three types of sharing scopes for domain resources.
- No sharing (private): I.e. domain resources can only be used by users in this domain.
- Domain sharing-part (Multiple Domains sharing): That is, the domain resources can be shared to the specified domain (one or more), and only the users under the domain where the domain resources are located and the shared domain can use the domain resources.
- Domain Share-All (Global share): I.e. domain resources can be shared to all domains, i.e. all users in the system can use the domain resources.
Description
Conditions for setting up sharing: need to satisfy both
- The current user is in the system backend.
- Three-level Resource Hierarchy have been enabled in OneCloud
- On the cloud user group page, click the “More” button on the right action bar of the cloud user group, and select the drop-down menu “Set up sharing” menu item to bring up the Set up sharing dialog box.
- Configure the following parameters.
- When the sharing range is selected as “No Sharing”, the sharing range of domain resources is private and only users of this domain can use it.
- When Shared Range is selected as “Domain Shared”, you need to select the domain to be shared.
- When the domain is selected as one or more domains, the shared scope of the domain resource is Domain Shared-Partial, and only users in the domain where the domain resource is located and under the shared domain can use the domain resource.
- When the domain selects All, i.e. the sharing scope of the domain resource is Domain Share-All, all users in the system can use the domain resource.
- Click the “OK” button to complete the operation.
Delete
This function is used to delete a cloud user group. When deleting a user group, the user group cached to the public cloud platform will be deleted synchronously.
delete
- On the cloud user group page, click the “More” button in the operation column on the right side of the cloud user group, select the drop-down menu “Delete” menu item, and the operation confirmation dialog box pops up.
- Click the “OK” button to complete the operation.
Batch Delete
- Select one or more cloud user groups in the cloud user group list and click the “Delete” button at the top of the list to bring up the operation confirmation dialog.
- Click the “OK” button to complete the operation.
View cloud user group details
This function is used to view the details of the cloud user group.
- On the cloud user group page, click the cloud user group name item to enter the cloud user group details page.
- View the following information, including Cloud ID, ID, name, status, domain, project, share scope, number of permissions, number of users, created at, updated at, and description.
Cloud User Management
This feature is used to manage the cloud users associated with the cloud user group and supports moving the cloud users out of the cloud user group.
Remove cloud subscriber
This feature is used to remove the cloud subscriber from the cloud user group.
Individual Removal
- On the cloud subscriber group page, click the cloud subscriber group name item to enter the cloud subscriber group details page.
- Click the Cloud Users tab to enter the Cloud Users page.
- Click the “Remove” button in the action column on the right side of the cloud subscriber to bring up the action confirmation dialog.
- Click the “OK” button to complete the operation.
Batch Removal
- On the cloud user group page, click the cloud user group name item to enter the cloud user group details page.
- Click the “Cloud Users” tab to enter the Cloud Users page.
- Select one or more cloud users in the cloud user list and click the “Remove” button at the top of the list to bring up the action confirmation dialog.
- Click the “OK” button to complete the operation.
Permission Management
This function is used to manage the permissions associated with the cloud subscriber and supports removal of permissions.
Remove Permissions
This function is used to remove the permissions from the cloud subscriber group.
Individual Removal
- In the cloud user group page, click the cloud user group name item to enter the cloud user group details page.
- Click the Permissions tab to enter the Permissions page.
- Click the “Remove” button in the action column on the right side of the permission to bring up the action confirmation dialog.
- Click “OK” button to complete the operation.
Batch Removal
- On the cloud user group page, click the cloud user group name item to enter the cloud user group details page.
- Click the Permissions tab to enter the Permissions page.
- Select one or more permissions in the permissions list and click the “Remove” button at the top of the list to bring up the action confirmation dialog.
- Click the “OK” button to complete the operation.
Permission Group Cache Management
The cache is the mapping relationship between local and public cloud platform. When the local cloud user group is modified, the user group on the corresponding platform will also be modified accordingly. Deleting cache is supported.
Delete cache
This function is used to delete the cache. Deleting the cache will delete the cloud subscriber group on the public cloud platform at the same time. When a cloud subscriber group is associated with a cloud subscriber, the cache cannot be deleted.
Individual Deletion
- On the cloud user group page, click the cloud user group name item to enter the cloud user group details page.
- Click the Permission Group Cache tab to enter the Permission Group Cache page.
- Click the “Delete” button in the action column on the right side of the cache to bring up the action confirmation dialog.
- Click the “OK” button to complete the operation.
Batch Delete
- On the cloud user group page, click the cloud user group name item to enter the cloud user group details page.
- Click the Permission Group Cache tab to enter the permission group cache page.
- Select one or more permission group caches in the cache list, and click the “Delete” button at the top of the list to bring up the action confirmation dialog.
- Click the “OK” button to complete the operation.
View cloud subscriber group operation log
This function is used to view the log information of the host-related operations.
- On the cloud subscriber group page, click the cloud subscriber group name item to enter the cloud subscriber group details page.
- Click the Operation Logs tab to enter the Operation Logs page.
- Load More Logs: In the Operation Logs page, the list shows 20 operation logs by default. To view more operation logs, click the “Load More” button to get more logs.
- View Log Details: Click the “View” button on the right column of the operation log to view the log details. Copy details are supported.
- View logs of specified time period: If you want to view the operation logs of a certain time period, set the specific date in the start date and end date at the top right of the list to query the log information of the specified time period.
- Export logs: Currently, only the logs displayed on this page are supported to be exported. Click the upper-right corner of icon, set the export data column in the pop-up export data dialog, and click the “OK” button to export the logs.