Creating a Custom Role

Constraints

• Only system administrator admin can create a system role.
• To obtain permissions for the user group and account group modules, configure the User and Account modules.

Creating a Role

1. Log in to your bastion host.
2. In the navigation pane on the left, choose User > Role to go to the role list page.
3. On the displayed page, click New in the upper right corner of the page. In the displayed New Role dialog box, complete required parameters

   Table 1 Parameters for creating a role

   Parameter	Description
   Role	Specifies the role name. The value of Role must be unique in a bastion host and cannot be changed after it is created.
   Managing Permission	Specifies whether to enable permission management for the role. Users assigned with management permissions can select a superior department when they create a resource or user. Enable: The role has the management permissions and users with this role granted can view the data of their departments and lower-level departments. Disable: The role has no management permissions.
   Remarks	(Optional) Provides supplementary information about the role.

4. Click Next. In the displayed dialog box, configure system module permissions for the role.
   • Select a system module and specific actions: the role has permissions for the module and selected actions.
   • Select only a system module: The role has only the permission to view the module.

5. Click OK. You can then view the created role in the role list.