Configuring security for the blueprint design server#

The access control settings for the blueprint design server are similar to the settings for the HCL™ Launch server. You can create teams and roles, assign users to those teams and roles, and assign resources to those teams.

However, the blueprint design server is different because it does not store its own list of users. Instead, the blueprint design server imports accounts from authentication realms, including OpenStack Keystone services, LDAP servers, and Single Sign-On servers. Therefore, to configure access control, you must first import user accounts from one or more authentication realms, as described in Setting up access to clouds in the blueprint designer. Then, you associate those user accounts with roles and teams, as described in Configuring blueprint design server users, Configuring blueprint design server user roles, and Configuring blueprint design server teams.

Note: These teams and roles are separate from the teams and roles for the HCL Launch server.

Access control settings include the following concepts: