Home > Storage > Data Storage Essentials > DataIQ and CloudIQ > CloudIQ: A Detailed Review > Identity Management
The Identity Management section allows CloudIQ administrators to set up access controls by assigning users to predefined roles. Administrators can also initiate an invitation to their Identity Provider (IdP) experts to become Dell Identity Admins and federate with their IdP to enable single sign-on.
The administrator of an organization uses MyService360 to define the organization profile. See KB#000183704 for details about using MyService360 for company administration. See KB#000191817 for details about determining CloudIQ Admins for a company.
Note: MyService360 users with a company admin role are automatically mapped to the CloudIQ Admin role.
There are three tabs in the Identity Management page: The USERS tab lists out all users who have logged into CloudIQ at least once. This tab shows the username, email address, and assigned roles. Selecting the Details icon for an individual user provides details about the user profile and assigned roles and permissions.
CloudIQ Administrators can select the Edit button to assign a role to a user.
The ROLES tab lists out the available roles with their description. There are five roles in CloudIQ: CloudIQ Admin, CloudIQ Standard, CloudIQ DevOps, Server Admin, Cybersecurity Admin, and Cybersecurity Viewer. Users with an Administrator role in an organization are automatically assigned the CloudIQ Admin role. Users who do not have an Administrator role are automatically assigned the CloudIQ Standard role. These roles are automatically assigned based on the user’s role in their organization and cannot be managed within CloudIQ. Only Users in the CloudIQ Admin role have access to the User Access page.
The CloudIQ DevOps role allows users access to the Integrations menu to view and configure Webhooks and REST API credentials. CloudIQ Admins can assign this role to any CloudIQ user, including themselves.
The CloudIQ Server role is required for users who want to initiate remote management functions on PowerEdge servers. Note that additional remote management permissions need to be enabled in the CloudIQ plugin in OpenManage Enterprise.
The other two roles are Cybersecurity Admin and Cybersecurity Viewer. Users in the CloudIQ Admin role can manage Cybersecurity access for users by assigning them either the Cybersecurity Admin role or the Cybersecurity Viewer role. Users who are members of the Cybersecurity Admin role have full access to the Cybersecurity feature. They can edit, enable, or disable the Evaluation Plan for a system and select or clear individual Evaluation Tests within the Evaluation Plan. Users who are assigned the Cybersecurity Viewer role can access the Cybersecurity feature and view system risks and Evaluation Plans. They are unable to enable, disable, or edit the Evaluation Plan.
CloudIQ Admins can select the Manage Assignments link to assign users to the CloudIQ Advanced, Cybersecurity Admin, or Cybersecurity Viewer role.
The Single Sign-On tab allows CloudIQ Administrators to send an invitation to their Identity Provider Administrators to become Dell Identity Admins. The Dell Identity Admin can then configure single sign-on on the Dell Identity Portal and federate with their IdP. This allows organizations to manage users’ CloudIQ authorization using their IdP. After the Identity Admin federates their IdP, the IdP is listed under the IdPs tab. Clicking on the IdP hyperlink opens the Dell Identity Portal. Users can also see a list of Dell Identity Admins who can manage the IdP group. For additional information, see KB#000212047.