Cloud Services

ModernOps configuration

Legacy roles
Published On Sep 04, 2024 - 11:24 AM

Legacy roles

Learn the details about the legacy roles for platform administration, which are assigned to users to provide access to specific role-based functions.
The following matrix describes the responsibilities that each role has within Kyndryl Modern Operations legacy service.
Role
Description
Responsibilities
Applicable context type
Persona
System Admin
System Admin is the first user that is added into the System.
The System Admin role provides the following privileges:
  • Create/Read/Update/Delete master and asset accounts (provider accounts), System accounts, System account credentials, Integration End Points, Integration End Point Metadata , Vault, Organizations, Teams, User-Team Relationship, Configuration, and User key.
  • Manage - Currency Conversion Management
  • Organization "All orgs" is the only supported value for this role
  • No custom or other OOB contexts can be assigned to this role
Marshall, IT Administrator
Team Setup Admin
Team Setup Admin has the ability to manage User Management and Account Management, and also manage Teams that they belong to, and manage all Organizations.
The Team Setup Admin role provides the following privileges:
  • Create/Read/Update/Delete teams, user-team relationship, billing and asset accounts (provider accounts), pricing rules, user-key, context value, Users, Organizations.
  • Update Context
  • View Role
  • Organization
  • Scope all Organizations
  • No custom or other out-of-the-box (OOB) contexts are allowed
Francesca (Application Owner) Dennis (Enterprise Architect)
Audit Viewer
Audit Viewer can only view/download the audit logs. They cannot manage other audit activities such as audit archival.
The Audit Viewer role provides the following privileges: • View audit logs • Download Audit Log
Organization
  • "All orgs" is the only supported value for this role.
  • No custom or other OOB contexts can be assigned to this role
Marshall (IT Administrator) Dennis (Enterprise Architect) Sonya (IT Ops Manager)
Budget Administrator
Budget Administrator has the ability to manage budgets and budgetary units in Kyndryl Modern Operations Applications.
The Budget Administrator role provides the following privileges:
  • Create/Read/Update/Delete Budgetary Unit, and Budget.
  • Read Context
  • Organization
  • Either all organizations or a specific organization can be selected.
  • No custom or other OOB contexts allowed.
Charlotte (Billing Analyst)
Audit Admin
Audit Admin can manage audit archival files. They cannot view/download the audit logs.
The Audit Admin role provides the following privileges:
  • Administer audit archival configurations.
  • Perform Archival of Logs.
  • View Archival Details
  • Setup Schedules for Archival and Archival files storage.
Organizations
  • "All orgs" is the only supported value for this role.
  • No custom or other OOB contexts can be assigned to this role
Marshall (IT Administrator)
Service Integrator
The Service Integrator role provides the following privileges:
  • Edit IBUS Message
  • Read/Update/Delete IBUS Subscriber
  • View System Account Credential and Provider Account Credential
  • Create Audit Log
  • Create/Read/Update/Delete API
  • Credential View provider account credential
All Organizations
Not Applicable
Application Integrator
The Application Integrator role provides the following privileges:
  • Ability for an Application to register its onboarding info over the API Gateway.
  • An application which is not running behind the API Gateway needs to be able to register its onboarding info over the API Gateway. The following Application Artifacts should be register-able:
    1. Roles
    2. Routes
    3. Notification Templates
All Organizations
Not Applicable
User Admin
User Admin has the ability to manage Users, Teams, Organizations etc in the System.
The User Admin role provides the following privileges:
  • Create/Read/Update/Delete teams, user-team relationship, User-Key, Context Value, and Users.
  • Update Context
  • View Role
  • Organizations "All orgs" is the only supported value for this role.
  • No custom or other OOB contexts can be assigned to this role
Marshall (IT Administrator)
Provider Account Admin
Provider account admin has the ability to manage Provider Accounts and Credentials.
The Provider Account Admin role provides the following privileges:
  • Create/update/delete provider accounts
  • Create/update/delete provider account credentials
All Organizations
Marshall (IT Administrator)
Do you have two minutes for a quick survey?
Take Survey