Use > Catalogs > Access Control

Access control for catalogs

Access Control is used to assign LDAP groups to a catalog. You choose whether a service catalog is visible to all authenticated users of a consumer organization or just a subset of users.

To make a catalog visible to all authenticated users of a consumer organization, identify the LDAP groups that have been added to the organization roles (in the Organizations area of the Cloud Service Management Console) and make sure that all of the same LDAP groups appear in the Access Control area of the service catalog. This action happens automatically when a manually created service catalog is created. For an organization's automatically created catalog, you must manually add these LDAP groups.

Tasks

  • Edit a catalog — Click the gear icon and select Edit Catalog. See Overview Tab.
  • Export a catalog — Click the gear icon and select Export Catalog. See Overview Tab.
  • Delete a catalog — Click the gear icon and select Delete Catalog.
  • Add a group — LDAP groups must be configured in the Cloud Service Management Console Organizations area. Groups are defined in Access Control in the Organizations area or in Catalogs. Click Add Group to manage access control by adding LDAP groups to the catalog. You can select from existing named DNs or enter your own name for the group or organization unit DN. You can either select the CSA Service Consumer Role or Other Roles. When you select Other Roles you can add or select multiple roles from the list of roles displayed. For an existing DNS, the role list shows the roles that have already been assigned as selected. For more information on the Other Roles, see Roles in the Key Concepts topic of Get Started section.

    Note You can edit the LDAP groups visible in the Access Control area of the service catalog. To do this, click the gear icon and select Edit to edit the group or organization unit DN or edit the name for the group or organization unit DN.