User roles

IBM® Security Guardium® Key Lifecycle Manager provides a set of default user roles. A user role consists of one or more permissions that provide role-based access to the product features.

IBM Security Guardium Key Lifecycle Manager server installation creates some default user roles. Installing IBM Security Guardium Key Lifecycle Manager creates predefined administrator, operator, and auditor groups to manage LTO tape drives.

You can define additional administrative roles to meet the needs of your organization.

For example, you might create a group and assign both users and a role that limits user activities to administer only LTO tape drives. You must assign a role to a new user before that user attempts to log in to IBM Security Guardium Key Lifecycle Manager.

Before you begin, complete the following tasks:

  • Determine the limits on device administration that your organization requires.

    For example, you might determine that a specific device group has its own administration.

  • Estimate how many administrative users might be needed over an interval of time. For ease of use, consider specifying a group and a role to specify their tasks.

    For example, you might specify a group that has a limited range of permissions to manage only 3592 tape drives.