Specific roles are roles whose permissions are not automatically applied to objects in Micetro. These roles are intended to allow access management on a per-object basis.
To create a Specific role, follow the instructions on roles and use the Role type dropdown to select Specific in the Create new role dialog. The default type for new roles is General.
Example: The specific role example.com editor has the permission Edit
zone options enabled. No DNS zone-type object in Micetro,
whether existing or future, will be accessible to users/groups assigned to this role
unless specifically added to the object.
Using Specific roles
Access defined through Specific roles isn’t applied until explicitly configured on objects.
To use a Specific role and control access to an object:
- Open the relevant page in the Web Application (DNS or IPAM) and select the
object to which you’d like to restrict access.Note: Using Specific roles on an object is only possible individually, per object.
- Use the Access or Row ... menu to select Manage access.
- In the dialog, remove all unneeded General roles and/or users (legacy only)
configured for the object by selecting Exclude on the
Row … menu.Note: General roles can be restricted from accessing single objects. Refer to Object access.
- Use the dropdown to search for and select the Specific role and select + Add.
- Select Save.
Access to the object will be restricted to the selected users/groups assigned to the Specific role.
A notification will be displayed in the Save comment dialog, detailing the additional changes. If the user doesn’t have the necessary access to set permissions of these objects, an advisory message will be displayed.