Permission sets provide a mechanism for controlling the operations that can be performed by a user or user group. You can:

  • Set permissions for a partner user or a client user independent of their profile.
  • Restrict activities using the permission values for each permission type.
  • Authorize access according to role.

The PERMISSION SETS window displays the list of available permission sets, by Name, and the operational areas that support access control.

Permission Sets

For each permission set-operational area, the icons have the following significance:

  • The eye icon indicates view permission only.
  • The pencil icon indicates permission to view and manage.

Create a permission set

When you add a permission set, you are presented with a list of areas that have permissions associated with them. Choose the permission you want to be in your permission set and the permission level for each permission.

  1. Select Setup > Account > Permission Sets.

  2. Click +Add.

  3. In the Scope field, choose Partner or Client user applicability of the permission, and

    • For partner scope, enter a permission Name.
    • For client scope, in the Client field, choose EVERYONE or a particular client and enter a permission Name.
  4. Enter a description for your permission set.

  5. In the Permissions section, for each access-controlled area that you want to be part of this permission set, select the permission you want to allow.

  6. Click Save.

The following is general usage information:

Delete a permission set

You cannot delete the default Administrator or User users.

  1. Select Setup > Account > Permission Sets.
  2. Select one or more named permission set you want to delete.
  3. Click Remove.
  4. Click Yes to confirm you want to permanently delete the permission sets.

Permissions reference

The permission listing differs depending on partner or client scope.

Permission TypePermission Value
AdministrationAdministration: Allows access to the Setup tab.
AlertsManage: Allows access to both the alert list and alert report pages and provides the ability to process the alerts.
View: Allows access to the alert list page, you can also view details for a given alert.
Clients (Partner-level)Client Create: Allows you to create a new client.
Client Edit:
Allows you to edit client details.
Client Manage:
Allows you to manage a client.
Client View:
Allows you to view the client information.
Cloud ManagementPower Cycle: Allows to Stop, Start, and Restart instances.
Launch Instances:
Allows to create new instances in the cloud account.
Management Profile ManageManage: Allows access to view, create, and edit existing gateway profile.
View: Allows access to the Setup tab, you can also view the services gateway remotely.
CommandsAllow to run commands: Permits users to run commands.
ConsolesManage: Allows users to view, create and edit console options from the Infrastructure tab.
View: Allows remote access to devices from the Infrastructure tab.
CredentialsManage: Allows access to manage the existing credential sets.
Create: Allows access to create a new credential set, but to create this the user should have access to All Devices.
Edit: Very similar to manage, allows access to edit a credential set.
View: Allows access only to view all the credential sets, including the passwords
Custom AttributesView: Allows users to only view the custom attributes.
Create: Allows users to create custom attributes.
Manage: Allows users to control which users who can manage custom attributes.
DashboardsDashboards Shared View: Allows access to a shared dashboard.
Dashboards Access Only: Allows access only to own Dashboard and the Shared Dashboard. If this permission is enabled, the users cannot access other features of OpsRamp.

To view the details populated using widgets in the Dashboard, users must configure the permissions required for each widget. For more details, view Lists of widgets in OpsRamp.

DevicesManage: Allows access to setup, device groups, discovery, and deployment, admin console parameters, setup network device credentials, set up network device configuration backup schedules and setup network device configuration backups pages. Additionally, you can add a device to a maintenance window, delete or stop managing the device.
Create: Allows access to infrastructure, device listing page, where you can add a device, import devices and add virtualized, storage, UCS and cloud providers-based infrastructure.
Edit: Allows access to edit device details in infrastructure.
View: Allows access to devices under Infrastructure and Dashboard tab, also allows access to view hardware, application, and patches information on the device details page.
Device Monitor Template ConfigurationApply Templates permission: Allows the user to Assign/Unassign templates and monitors.
Customize Templates:
Allows the user to edit monitors and change the thresholds at device level.
Gateway FirmwareAllow Gateway Firmware Update
IntegrationManage Integration: Allows users to manage various integration services. For example, install, bulk uninstall, regenerate secret/token, revoke access token, delete keypair, and disable the Integrations. A user with Manage permission can do all activities tagged with Edit and View permissions.
Edit Integration: Allows users to edit the details of the configured integrations. For example, update mapping inbound attributes and integration events.
View Integration: Allows users to view the Integration tab and details of the configured integrations. For example, Integration Audit Logs and Authentication Details except for secret/token.
JobsManage: Allows access to create, edit and delete jobs configured on managed devices, allows access to run a job immediately using the Run Now option.
View: Allows access to Automation tab.
Knowledge BaseManage: Allows users to create, edit, and delete knowledge base, category, article and a template. Manage permission also allows users to move an article.
Edit: Allows users to edit knowledge base.
View: Allows users to view, rate, comment, like, and share an article.
MetricsManage: Allows users to create metrics.
MonitorsCreate and Edit: Allows access to create and view the templates and monitors applied on a given device in infrastructure.
Customize: Allows access to modify threshold and alert conditions for each monitor, also allows access to create and edit entries in the Setup tab.
Manage: Allows access to assign monitoring templates to devices, and modify threshold and alert conditions for each monitor, also allows access to create and edit entries in the Setup tab.
View: Allows access to view the templates and monitors applied on a given device in infrastructure.
OpsQOpsQ View: Allows you to view the alert policies for Alert Enrichment, Alert Correlation, First Response, Alert Escalation, and Alert Prediction. Using this permission, you can only view the policies of other users.
OpsQ Manage: Allows you to create, edit, or delete the alert policies for Alert Enrichment, Alert Correlation, First Response, Alert Escalation, and Alert Prediction. Using this permission, you can manage all the alert policies in your tenant.
Patch ApprovalsManage: Allows access to patch management in Automation tab, access to patch configuration page where users can create, edit and delete a patch install job. It also allows access to the patch approval pages where one can approve patches for a set of devices.
View: Allows access to patch management in Automation tab, can able to view the patch status. You can also view the configured patch install jobs under patch configuration page.
Process AutomationManage: Allows users to create and view process automation artifacts.
View: Allows view only of process automation artifacts.
ProjectsManage: Allows users to manage projects.
View: Allows users to view projects.
Recording AuditAll Recordings Play, Search: User can play the recording and search for a recording.
All Recordings Play, Search, Edit: Users can play, search and edit notes for all recordings. Users cannot delete any recordings.
My Recordings Play, Search, Edit: Users can play, search and edit their recordings only and not any other users.
ReportsManage: Allows users to manage, create, edit, delete, and view reports.
View: Allows access to Reports.
RolesManage: Allows access to create and delete roles.
View: Allows access to view defined roles in Setup tab.
Change RequestManage: Allows users to manage, create, edit, delete and view change request.
Create: Allows users to create, edit, and view change request.
Edit: Allows users to edit and view change request.
View: Allows users to view change request.
IncidentManage: Allows users to manage, create, edit, delete and view incident.
Create: Allows users to create, edit and view incident.
Edit: Allows users to edit and view incident.
View: Allows users to view incident.
ProblemManage: Allows users to manage, create, edit, delete and view the problem.
Create: Allows users to create, edit and view the problem.
Edit: Allows users to edit and view the problem.
View: Allows users to view problem.
Service RequestManage: Allows users to manage, create, edit, delete and view service desk request.
Create: Allows users to create, edit and view service desk request.
Edit: Allows users to edit and view service desk request.
View: Allows users to view service desk request.
Task RequestManage: Allows users to manage, create, edit, delete and view task request.
Create: Allows users to create, edit and view task request.
Edit: Allows users to edit and view task request.
View: Allows users to view task request.
Time Bound RequestManage: Allows users to view request details, create requests for existing partner and client, existing partner and new client and new partner and new client, and edit time-bound request.
Create: Allows users to create, edit and view time-bound request from Service Desk menu. Edit: Allows users to view and edit time-bound request.
View: Allows users to view time-bound requests.
Note: Allows users to manage, create, delete, edit, and view time-bound requests if they have service desk manage permission.
Service CatalogManage: Allows users to view, create provisioning policies, service catalogs and provisioning workflow.
View: Allows users to view service catalog management in Setup tab.
Service Order (Partner-level)Manage Service Order: Allows users to manage the service order.
View Service Order:
Allows users to view the service order.
Edit Service Order:
Allows users to edit the service order.
Delete Service Order:
Allows users to delete a service order. Create Service Order: Allows users to create a service order.
Service DeskManage: Allows users to manage, create, edit, delete and view service desk.
Create: Allows users to create, edit and view service desk.
Edit: Allows users to edit and view service desk.
View: Allows users to view service desk
ScriptsManage: Allows users to schedule a given script on a set of devices or run the script immediately using the Run Now options.
View: Allows access to scripts page in Automation tab, also allows access to view the list of scripts available and the scripts scheduled on devices.
UsersManage: Allows access to create, edit and deactivate users, user groups and roles.
Create: Allows users to create users.
View: Allows access to view existing users in Setup tab.