Destinations access roles [Settings]
This pane displays the role type assignments for the selected destinations.
To view this page in the console, click the following path:
Service integration -> Buses -> security_value -> [Authorization Policy] Manage destination access roles -> destination_name > Manage access roles.
In the path, security_value is either Enabled if messaging security is enabled, or Disabled if messaging security is not enabled.
This pane lists users and groups that have been assigned role types for the destinations selected in the Manage destination access roles panel. Use this pane to add and remove users and groups, and manage role type assignments and inheritance for a destination.
The information for each destination is contained within a section that we can expand and collapse. For each destination, a section header displays the type of destination, for example whether it is a queue, topic space, or some other type of destination and the destination name.
- Expand/Collapse
- Click the icon to expand the section and display the collection of users and groups that have been assigned role types for the selected destination.
- Inherit from default
- Select the check box to have the selected destination inherit access roles for users and groups from the default resource. Only access roles that apply to the selected destination can be inherited.
General Properties
- Select
- A check box we can use to select the users and groups for which we want to manage access roles.
- Name
- The name of the user or group that has an access role for the selected resource. If the user is a group member, the user ID and the group name is displayed.
- Type
- The type of the user or group. There are three types of user or group: "user", "group" and "member". A user that inherits its access roles from a group has the type "member".
- Sender
- Whether a user, group or member is in the sender role for a selected resource.
- Receiver
- Whether a user, group or member is in the receiver role for a selected resource.
- Browser
- Whether a user, group or member is in the browser role for a selected resource.
- Creator
- Whether a user, group or member is in the creator role for a selected resource.
Security access roles
In the administrative console, access role icons are used to represent whether a user or a group is in a particular access role. We can click an icon to add or remove selected users and groups to a particular access role for a selected resource.
An access role icon has three states:
- Access role type set.
- Access role type not set.
- Access role type inherited from group.
The following table describes how the access role icons represent these states, and how to change between them:
| Access role icon | Access role assignment state | User action |
|---|---|---|
|
| Role type not set. | Click to change to role type set
|
|
| Role type set. | Click to change to role type not set. The icon
changes to role type not set
|
|
| Role type inherited from group. | Click to change to role type set
|
|
| Role type not set for a group. The group to which a user belongs does not have a role type. | Read only. |
|
| Role type set for a group. The group to which a user belongs has a role type. | Read only. |
|
| Role type not applicable. | Read only. |
.
if the role type does inherit access roles.
Buttons
| Button | Description |
|---|---|
| Add | Click to add users and groups to this resource. |
| Remove | Click to remove selected users and groups from all the role types for this resource. |