Manage operators

Operators are administrators of CVM. To ensure the system security, only operators who pass the identity authentication can log in to CVM. The operations that an operator can perform are determined by the authorities assigned to the operator.

Operator management enables you to view, add, edit, delete, filter, and forbid operators in CVM. You can assign authorities to an operator when you add or edit the operator and view resources that have been authorized to an operator.

Restrictions and guidelines

• Operators who have three login failures are forbidden to log in for one minute. You can edit the maximum number of failed login attempts and the lockout period in "Edit an operator."

• An operator has the assigned permissions as well as the permissions of the operator group to which the operator belongs.

• After you edit an online operator, the new settings take effect when the operator logs in to CVM again. After you delete an online operator, the operator cannot use CVM any more.

• Operator admin is the super administrator of the system and have all authorities. It is automatically created when the system is installed and cannot be deleted.

Add an operator

1. On the top navigation bar, click System.

2. From the left navigation pane, Operators & Groups > Operators.

3. Click Add.

Configure the parameters as described in "Parameters."

4. Click OK.

Edit an operator

1. On the top navigation bar, click System.

2. From the left navigation pane, select Operators & Groups > Operators.

3. Select the target operator and click Edit.

4. Configure the parameters as described in "Parameters."

5. Click OK.

Delete operators

1. On the top navigation bar, click System.

2. From the left navigation pane, select Operators & Groups > Operators.

3. Select the target operators, and then click Delete.

4. In the dialog box that opens, click OK.

Filter operators

1. On the top navigation bar, click System.

2. From the left navigation pane, select Operators & Groups > Operators.

3. Set filter criteria as described in "Parameters," and then click Filter.

4. To refresh the list, click  in the upper right corner.

5. To display desired columns, click  in the upper right corner.

6. To collapse the Filters area, click Collapse.

7. To display more filters, click More.

Display detailed operator information

1. On the top navigation bar, click System.

2. From the left navigation pane, select Operators & Groups > Operators.

3. Select the target operator, and then click View.

View authorized resources of an operator

To edit the authorized resources of an operator, see "Edit an operator."

To view authorized resources of an operator:

1. On the top navigation bar, click System.

2. From the left navigation pane, select Operators & Groups > Operators.

3. Select the target operator.

The Authorized Resources area displays clusters, hosts, and VMs that the operator can manage on the Clusters, Hosts, and VMs tabs, respectively.

Parameters

• Login Name: Login name of the operator.

• Authentication: Authentication mode used by the operator to log in to CVM.

• Password Authentication—Local authentication based on the operator account and password.

• LDAP Authentication—LDAP authentication based on the operator account and password.

• Operator Name: Name of the operator.

• Operator Group: Name of the operator group to which the operator belongs.

• Authorized Resources: Resources that the operator can manage.

• Email: Email address of the operator. Make sure the email address format is correct, for example, [email protected]. If the email address is incorrect, the user cannot receive the notifications that the system sends to the user group to which the user belongs.

• Phone: Enter a correct phone number. If the phone number is incorrect, the user cannot receive the notifications that the system sends to the user group to which the user belongs.

• Access Policy: Access policy applied to the operator.

• Concurrent Sessions: Maximum number of users that can use the operator account to access CVM simultaneously.

• Forbid Operator: Whether the operator is forbidden from logging in to CVM.

• Authorities: Operation authorities of the operator.

An operator has the authorities of the operator group to which the operator belongs and the authorities that are assigned to the operator individually.