You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/iot-accelerators/iot-accelerators-remote-monitoring-rbac.md
+26-22Lines changed: 26 additions & 22 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,31 +18,35 @@ This article provides information about how to configure role-based access contr
18
18
19
19
## Default settings
20
20
21
-
When you first deploy the Remote Monitoring solution, there are two roles: **Admin** and **Read Only**.
22
-
23
-
Any user in the **Admin** role has full access to the solution. A user in the **Read Only** role can't do any of the following tasks:
24
-
25
-
- Update alarms
26
-
- Delete alarms
27
-
- Create devices
28
-
- Update devices
29
-
- Delete devices
30
-
- Create device groups
31
-
- Update device groups
32
-
- Delete device groups
33
-
- Create rules
34
-
- Update rules
35
-
- Delete rules
36
-
- Create jobs
37
-
- Update SIM management
38
-
39
-
The person who deploys the Remote Monitoring solution is automatically assigned to the **Admin** role and is an Azure Active Directory application owner. As an application owner you can assign roles to other users in the Azure portal.
40
-
41
-
If you want another user to assign roles in the solution, they must also be set as an application owner in the Azure portal.
21
+
When you first deploy the Remote Monitoring solution, there are two roles: **Admin** and **Read Only**.
22
+
23
+
Any user in the **Admin** role has full access to the solution, including the following permissions below. A user in the **Read Only** role will only have access to view the solution.
24
+
25
+
| Permission | Admin | Read Only |
26
+
|---------------- |-------|-----------|
27
+
| View Solution | Yes | Yes |
28
+
| Update alarms | Yes | No |
29
+
| Delete alarms | Yes | No |
30
+
| Create devices | Yes | No |
31
+
| Update devices | Yes | No |
32
+
| Delete devices | Yes | No |
33
+
| Create device groups | Yes | No |
34
+
| Update device groups | Yes | No |
35
+
| Delete device groups | Yes | No |
36
+
| Create rules | Yes | No |
37
+
| Update rules | Yes | No |
38
+
| Delete rules | Yes | No |
39
+
| Create jobs | Yes | No |
40
+
| Update SIM management | Yes | No |
41
+
42
+
By default, the user who deployed the solution is automatically assigned the **Admin** role and is an Azure Active Directory application owner. As an application owner, you can assign roles to other users through the Azure portal. If you want another user to assign roles in the solution, they must also be set as an application owner in the Azure portal.
43
+
44
+
> [!NOTE]
45
+
> The user who deployed the solution is the **only person** who can view it immediately after its been created. To grant others access to view the application as either a Read Only, Admin, or a Custom role, see the following directions below on add or remove users.
42
46
43
47
## Add or remove users
44
48
45
-
Use the Azure portal to add or remove a user from the Remote Monitoring solution. The following steps use the [Azure Active Directory enterprise application](../active-directory/manage-apps/add-application-portal.md#find-your-azure-ad-tenant-application) that was created for you when you deployed the Remote Monitoring solution.
49
+
As an Azure Active Directory application owner, you can use the Azure portal to add or remove a user to a role from the Remote Monitoring solution. The following steps use the [Azure Active Directory enterprise application](../active-directory/manage-apps/add-application-portal.md#find-your-azure-ad-tenant-application) that was created for you when you deployed the Remote Monitoring solution.
46
50
47
51
1. Sign in to the [Azure portal](https://portal.azure.com).
0 commit comments