Roles
Roles in strongDM are the primary method of providing access to datasources, servers, and websites. A role is a collection of permissions that are then granted to the users that are assigned to that role.
To assign users to roles, drag and drop their names in the Admin UI, or use the sdm admin users
command. Similarly, assign datasources and servers to roles in the Admin UI or via the sdm admin roles
command.
Composite Roles
Composite Roles are simply roles that are created as the intersection of two or more other roles. For example:
- DevOps has:
- RO access to Product DB
- RW access to Internal Staging DB
- Server access to Bastion1
- Marketing has:
- RO access to Customer DB
- Marketing Ops is a composite role that is built from DevOps and Marketing. It therefore has:
- RO access to Product DB
- RW access to Internal Staging DB
- Server access to Bastion1
- RO access to Customer DB
No Role
The default role for new users is No Role. While in this role, users have no datasource or server access unless it is granted to them individually.
Suspended
Users in the Suspended role cannot log in or access any datasources or servers.