Define Security for Azure®
Use the Business Object Editor and Security Group Manager in CSM Administrator define security for Azure®. When you define security, you:
- Enable Field encryption for the Admin Password field on the Virtual Machine Configuration Item Form.
- Define Business Object Security Rights for the Portal Customer Security Group and Portal Workgroup Manager Security Group. Business Objects associated with this mApp Solution do not support any rights by default.
This functionality is only available if you have applied the Orchestration Pack for Microsoft® Azure®. For more information, refer to the mApp Solution Tech Notes documentation.
Enable Field Encryption
To enable Field encryption for the Admin Password field on the Virtual Machine Configuration Item Form:
- In the Object Manager, click Config - Virtual Machine in the Object tree, and then click the Edit Business Object task in the Structure area.
The Business Object Editor opens.
- Click the Admin Password field, and then click the Field Properties button.
- Click the Advanced page.
- Select the Enable Field Encryption check box.
- In the drop-down, select an encryption key (encryption keys are managed using the Server Manager).
- Click OK.
Define Security Rights
To define Business Object security rights for the Portal Customer Security Group and Portal Workgroup Manager Security Group:
- In the CSM Administrator main window, click the Security category, and then click the Edit Security Groups task.
- Define the following Business Object rights for the Portal Customer Security Group:
- Config - Virtual Machine: Select rights to View, Add, and Edit.
- New Field: Select rights to View and Edit.
- Journal - History: Select the right to Add.
- New Field: Select rights to View and Edit.
- Journal - Integrations Audit: Select rights to Add and Edit.
- New Field: Select rights to View and Edit.
- Specifics - Azure VM: Select rights to View, Add, and Edit.
- New Field: Select rights to View and Edit.
- Config - Virtual Machine: Select rights to View, Add, and Edit.
- Define the following Business Object rights for the Portal Workgroup Manager Security Group:
- Config - Virtual Machine: Select rights to View, Add, and Edit.
- New Field: Select rights to View and Edit.
- Journal - History: Select the right to Add.
- New Field: Select rights to View and Edit.
- Journal - Integrations Audit: Select rights to Add and Edit.
- New Field: Select rights to View and Edit.
- Specifics - Azure VM: Select rights to View, Add, and Edit.
- New Field: Select rights to View and Edit.
- Config - Virtual Machine: Select rights to View, Add, and Edit.
- (Optional) Define Business Object rights for the following Business Objects:
- CI VM Status
- VM Action
- VM Default Size
- VM OS
- VM Request
- VM Size
- VM Template
-
Select OK.