On Bumblebee platform, administrators are organized in the hierarchy shown blow.
There are three concepts: Account, Entity and IAM user. The main purpose is to provide access privileges and flexibility in managing multiple customers.
Account
There is one root account created when a customer creates an account on the platform. This account can create IAM user at this level.
Entity
Entity is an abstract created by Account. An entity may create an IAM user under the entity. A device can be assigned to an entity and become visible only the entity IAM user or the root account IAM user, but not by other entity's IAM users.
IAM User
An IAM user may have read and write privilege or read only privilege.
An IAM user associated with the Account have visibility to all entities and devices. An IAM user associated with an Entity only has visibility to
Example Use case
Imagine an ISP provider Uni-Tech. Uni-Tech manages many enterprises Internet access. Uni-Tech creates an account on Bumblebee platform. For each of their customers, Uni-Tech creates an Entity. For example, an Entity named Enterprise-A. Under this Entity Enterprise-A, Uni-Tech creates a few IAM users for Enterprise-A admins to login to Bumblebee platform to view the health of the devices.
Comments