Unicon documentation migration is in progress. You might find some broken links or experience minor issues in the documentation. We are working on resolving these issues.

X

ELIAS role concept

Regardless of whether users are authenticated via Active Directory or via Keycloak, they obtain their access rights by by being assigned to one of the ELIAS roles Info, User or Admin. The rights of the three roles build on each other.

Info: View the content of images, no changes possible

User: Create and edit templates and images within a container

Admin: Manage container, delete software packages, import / edit certificates within a container

On top of this is the Global admin, who manages access rights, can manage multiple containers and change ELIAS settings. The Global admin is defined by an ELIAS access right with global access. Initially - directly after the installation - the local admin account is provided for this purpose. With the local admin account, you initially define the ELIAS access rights. An ELIAS access right contains the following:

  • Relevant users (AD or Keycloak)

  • ELIAS role with rights

  • Container to which the ELIAS role rights refer

  • Option for global access

You can see that the user and access management depends on the ELIAS access right. After you have defined an ELIAS access right with global access (Global admin), you are free to disable the local admin account.

Feature Admin User Info
Templates and images      
  • create
X
  • save (as)
X
  • edit
X
  • rename
X
  • solve
X
  • delete
X
  • sign
X
  • lock
X
  • export
X
Container      
  • export
X
  • create
X X
  • import
X X
  • rename
X X
  • clean up
X X
  • delete
X X
Container information      
  • view
X
Software packages      
  • delete
X X
Change log      
  • view
X
  • export
X
Notification history      
  • view
X
Certificates      
  • view
X
Certificates for package validation      
  • import
X X
Certificates for image signing      
  • edit
X X
ELIAS role concept