User Roles
IBM Digital Asset Haven provides different user roles depending on the deployment model. The SaaS deployment includes subscription-level and instance-level roles. The hybrid deployment includes system-level administrative roles.
IBM Digital Asset Haven for SaaS
The roles described in this topic are the default user roles provided with IBM Digital Asset Haven. These roles represent common administrative and operational responsibilities across subscription-level and instance-level scopes. You can define additional custom roles or tailor role assignments for their instance to meet organizational security, compliance, and operational requirements.IBM Digital Asset Haven for SaaS supports two primary categories of user roles:
- Subscription owner
- The subscription owner has access to the SaaS console and can perform platform-level tasks. These tasks include:
- Provision and deprovision new service instances
- Managing billing and subscription details
- Grant custom user access to SaaS console account, subscription, and associated service instances
- Instance-level roles
- Each service instance supports the following roles:
Administrator:
- Has complete administrative control over the instance
- Can configure settings and manage all users
- Can attach and manage policies
- Create custom roles
Default end user :- Has access to the instance features as permitted by policies
- Cannot perform administrative configuration tasks
Note: For further information about granting access to subscriptions and service instances, refer to Getting started with the IBM SaaS Console with accounts in IBM SaaS Console.
IBM Digital Asset Haven for Hybrid
The hybrid deployment includes the following role:- System administrator
-
The system administrator is responsible for:
- Configuring IBM Offline Signing Orchestrator
- Installing and configuring the IBM Digital Asset Haven plug-in