What are organizations?

An organization determines a member's entry point into the cloud system and associates its members with services and resources. An organization can be a company, business unit, department, or group.

Membership in an organization is determined by the organization's LDAP (Lightweight Directory Access Protocol) directory. When a user logs in to the Cloud Service Management Console or Marketplace Portal, LDAP authenticates the login credentials by verifying that the user name and password match an existing user in the LDAP directory. The LDAP server used to authenticate users to the Cloud Service Management Console or Marketplace Portal must be set up and configured before authorization can be given to specific roles within CSA. See the Cloud Service Automation Configuration Guide for more information.

Configuring the organization's LDAP setting is done in the LDAP tab.

Authorization or abilities of a member of an organization (such as creating a service design or managing cloud resources) are determined by predefined roles in CSA that require assigning group DNs in the LDAP directory. Membership to these group DNs in LDAP automatically gives permission to that role in CSA. These permissions are assigned in the Access Control tab for the organization.

There are two types of organizations in CSA:

  • Provider organization - The provider organization hosts CSA, manages consumer organizations, and manages resources and services, including those offered by third-party or public clouds.

    Using the Cloud Service Management Console, members of the provider organization can create one or more consumer organizations, manage configured organizations, and manage resources and services (such as designing, offering, and publishing resources and services for consumption).

    The organizations, resources, and services that can be managed are determined by the role(s) assigned to the members of the provider organization. For example, the CSA Administrator manages all organizations, resources, and services, while the Consumer Service Administrator manages only consumer organizations. Additional roles include the Resource Supply Manager who manages resource providers and resource offerings, the Service Designer who manages service components and service designs, the Service Business Manager who manages service offerings and service catalogs, and the Service Operations Manager who manages subscriptions and service instances. All of these roles can be found in the Provider Organization's Access Control tab.

    There is only one provider organization for each instance of CSA and it is automatically set up during installation. You can modify the provider organization, as needed. You cannot delete the provider organization.

  • Consumer organization - The consumer organization, using the Marketplace Portal, subscribes to or consumes the resources and services provided by the provider organization. There can be multiple consumer organizations configured by the provider organization. However, each consumer or subscriber sees only the information in the consumer organization of which he is a member. Membership to a consumer organization is determined by the LDAP configuration of the consumer organization.

    At installation, a single consumer organization is set up. Use the Administration tile in the Cloud Service Management Console to modify this default consumer organization, as needed.

See LDAP and the Cloud Service Automation Configuration Guide for more information about configuring LDAP for the provider and consumer organizations.