Skip to end of banner
Go to start of banner

Onboard Management Role

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 15 Next »

If you need to add a new management role to the system, EmpowerID has a user-friendly wizard interface to guide you through the process. The wizard will walk you through creating the group, assigning owners, adding default assignees, and configuring how it will appear in the IAM shop. Just follow the instructions below to onboard the role and view the details of the newly onboarded role to ensure that it was properly added.

For more detailed information and if you are an admin user, kindly refer to the document available at this link.

Onboard a Management Role

  1. Navigate to the portal for the Resource Admin app in your environment.

  2. In Resource Admin, select Management Role from the dropdown at the top of the page.

  3. Select the Workflows tab and click Onboard a Management Role.

    You will now see the Onboard Management Role wizard workflow. Simply follow the step-by-step guide and provide all the necessary details for the Management Role in each section. Remember to click on "Next" after completing each step.

    • Name- Provide a unique and descriptive identifier for the Management Role

    • Display Name- Please provide a user-friendly label that appears in the application's user interface representing the Management Role.

    • Management Role Type - Choose the appropriate management role type.

    • Management Role Definition - Select the management role definition for the management role.

    • Select a Location - Select a location in EmpowerID for the application. This location is for RBAC delegation only. If there is a location selected by default and you wish to change it, click the link for the location and then search for and select the desired location from the Location tree.

    • Description - Provide a brief explanation of the Management Role.

    image-20250116-135810.png

    • Responsible Party- Search for and select the responsible party for the management role.

    • Owners– Search for and select the role owner. You can assign multiple people to the owner.

    • Deputies – Search for and select one or more management role deputies.

    image-20250116-140333.png


    image-20250116-140549.png

    The Requestable in IAM Shop specifies whether the application is requestable in the IAM Shop. When selected, the following settings are relevant:

    • Select Access Request Policy – Please choose the Access Request policy to apply in handling requests for the management role.

    • Select Assignees – Search for and select eligible users for the management role. Users must have one of the below eligibility assignments to view the management role in the IAM Shop.

      • Eligible Assignees – Choose the type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees eligible for the management role.

      • Preapproved Assignees – Choose the type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees pre-approved for the management role.

      • Suggested Assignees – Choose the type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees suggested for the management role.

    When a user is assigned to a specific RBAC management role, they gain permissions and capabilities aligned with that role's defined responsibilities. RBAC assigned membership can be configured based on People, Setgroups, Groups, Management Roles, or Business Roles and Locations, allowing for tailored access control that matches organizational structures and operational requirements. This flexibility ensures users have the appropriate access to perform their duties securely and efficiently.

    • Choose the Type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees eligible for the management role.

    • Select Preview the list of people that will receive membership due to these RBAC membership assignments to view the

    image-20250116-141005.png

    You can add existing groups as members of the management role you are creating. Once the management role is created, the groups you select will be added to the management role by default.

    • Type the Name of the Group and Click on Search

    • Select the Group (s) to add as members into the management role.

    When you create a new management role, you have the option to include other management roles. These selected roles will automatically be added to the newly created management role.

    Before proceeding, it is recommended that you review the summary information. For your convenience, the summary is organized into multiple tabs, allowing you to verify that the correct inputs have been provided to create the necessary management roles.

    image-20250116-141452.png


  4. Please click on the "Submit" button to create the management role and exit the wizard.

  • No labels