There are two types of permissions that work together to ensure the right level of access for all of your RONIN users:
RONIN obtains user access tokens and top level groups from Cognito.
Cognito can be connected to third party identity providers such as Google, Facebook, OpenID and SAML.
As a member of the RONIN Admin group, I can…
- Create projects and assign users to them.
- Monitor project budgets and pause projects if necessary.
- Configure the pre-configured software in the create machine workflow.
- Do everything a RONIN Lower Admin can do.
RONIN Lower Admin (previously RONIN Trial Admin)
As a member of the RONIN Lower Admin group, I can…
- Access the Budget Management and Machine List screen
- Monitor project budgets and pause projects if necessary for the projects I am a member of.
- Do everything a RONIN User can do.
As a member of the RONIN User group, I can...
- Login to RONIN using my account sync'd from a connected Active directory or sent to me by RONIN.
- Be found in a RONIN user search.
- Access and/or administer projects that have been assigned to me
- Log out.
RONIN PROJECT GROUPS
As a Project Admin within a RONIN project, I can...
- Modify permissions for other users within my project, including adding additional Project Admins, Users, Viewer.
- Modify Project settings including project budget.
- Do everything a Project User can do.
As a Project User within a RONIN project, I can…
- Launch, start, stop and terminate instances within my project.
- Choose the size of the machine I want to launch.
- Attach additional storage to my project’s instances.
- Backup my project’s storage.
- Package my research infrastructure to reproduce or share my work within my project.
- Create, manage and delete object storage. (s3)
- Do everything a Project View can do.
As a Project Viewer within a RONIN project, I can...
- Search for projects I have access to.
- View the project dashboard.