Access collections

TADDM does not manage access to configuration items on an individual basis. Instead, the configuration items are aggregated into sets called access collections. An access collection is a set of configuration items that is managed collectively for security purposes.

The security of each access collection is managed by creating roles and assigning the roles to users. The role applies only to the access collections that you specify when assigning the role to a user. Therefore, access collections are used to limit the scope of the role.

When you install TADDM, the access collection that is named DefaultAccessCollection is created, and it contains all configuration items. All users have Read and Update permissions for this access collection by default, unless you enable data-level security.

Note: Users do not have permissions to read and update access collections, they can only read and update individual configuration items. However, users have Read and Update permissions for those access collections that are members of access collections assigned to them.