Access Groups

You can use access groups to provide roles with management permissions over certain hosts. This can be useful when you want to delegate management of certain hosts to separate users or roles.

The high-level steps for delegating host management involve:

  1. Create an access group.

  2. Put roles into the access group, and set management permissions.

  3. Deploy hosts into the access group.

To create an access group:

  • On the Administration→Access groups page of the PrivX GUI, click Add Access Group. Provide the required information and click Save.

To put roles into access groups, and to set management permissions within the access group:

  1. On the Administration→Roles page, Edit a role to display its settings.

  2. Expand Permissions, then set the following:

  • Set the Access group for this role.

  • Select permissions this role has in the access group. Note that only host-management (hosts-) and connection-management permissions (connections- ) are access-group-specific.

Deploy hosts into the access group:

To change the access group of an already-deployed host, run the host-deployment script with the correct access group on the host.

Was this page helpful?