You are here: Configure > Configure Tenants > Best Practices for Configuring Tenants

Best Practices for Configuring Tenants

Review the following best practices when creating new tenants and assigning roles for specific use cases.

To assign resources to a tenant without granting the tenant users the ability to modify or delete the resources:

Create a new resource pool, and assign resources to be made available to the tenant in a resource pool on the Resource Pools Resource Pools icon pane. On the Tenants Tenants icon pane, select the newly created resource pool and assign the Read Only permission. This allows a tenant user to view the resources defined in the resource pool, but not modify or delete them.

To assign permissions to a tenant that allows tenant users to create new policies and reports, but prevents them from viewing existing ECX policies:

Create a new resource pool, and assign resources to be made available to the tenant in a resource pool on the Resource Pools Resource Pools icon pane. On the Tenants Tenants icon pane, select the newly created resource pool and assign the Create Only permission. This allows a tenant user to create new policies and reports, but prevents them from viewing existing ECX policies.

To assign resources to a tenant and allow the tenant users to create and run policies, reports and perform searches:

Create a new resource pool, and assign resources to be made available to the tenant in a resource pool on the Resource Pools Resource Pools icon pane. On the Tenants Tenants icon pane, select the newly created resource pool and assign the Read Only and Create Only permissions. This allows a tenant user to create as well as run new policies and reports.

General Recommendations

  • For a tenant admin, it is recommended to create two resource pools. In the first resource pool, add the providers to be made available to the tenant, and assign a Read Only permission to the resource pool. In the second resource pool, assign policies, security, and screens, and assign the Create Only permission. Once complete, assign both resource pools to the tenant.
  • When configuring a resource pool for a tenant user, it is recommended to exclude the security resources found in the Step 5: Security step or the Home and Logs resources found in the 6. Screens step. These resources contain general ECX information that may not apply to the tenant user.
  • The built-in ECX_All resource pool should not be assigned to a tenant as it includes all of the resources in the ECX system.
  • Selecting higher level objects instead of specific resources and assigning the View, Edit, and Delete permissions may cause tenants to see resources from other tenants. Add lower-level resources to ensure the tenants can only see objects assigned to the tenant.

RELATED TOPICS:

 

Catalogic ECX™ 2.4

© 2016 Catalogic Software, Inc. | All rights reserved. | 7/15/2016

MySupportKnowledge Base | Trademarks | info@catalogicsoftware.com