Managing Access Control

The Access Control section provides information about users that have access to the JCA panel. Also, it contains the Audit Log subsection with the list of actions these users have performed.

Access Control

Select the Access Control menu item to see the table with the Login, User ID, Role and Two-Factor Auth columns.

Here, you can view the list of accounts with the JCA access permissions. Use the Search field to locate the required user quickly and double-click the appropriate line to customize the access level:
  • Admin - has the full access to the JCA features and platform admin permissions
  • View - can access the Jelastic Cluster Admin panel in the read-only mode

Note: There are also owner and reseller roles, which are dimmed in the list since they can not be assigned manually to a user account.
Below, we’ll overview how to:

Add a New User Account

Click Add, type a user Login (email) and select the desired Role from the list.

Note: The appropriate user should be already registered at the Jelastic system.


add jelastic cloud admin

Click Update and a new user account will appear in the list.

For now, it can be used for logging into the JCA panel with the same password, which is used to access the user’s dashboard.

Remove the Existing JCA User

Select the desired JCA user within the list and click Remove.

remove jelastic cluster admin
Confirm your decision to delete the JCA user account and permissions associated with it to complete this operation.

Manage Mandatory 2FA for Admins

It is recommended for cluster admins to configure a two-factor authentication (2FA) as an extra layer of protection from unauthorized access. To set 2FA as an obligatory requirement for admins, use the Actions menu within the Access Control tab.

two-factor auth actions
Here:
  • Enable/Disable Mandatory Two-Factor Auth - allows turning on/off the mandatory 2FA for cluster admins.

    enable mandatory two-factor auth

    Within the appeared dialog, you can configure a few days delay for existing users before restricting access, as well as send the appropriate notifications. Also, it is possible to select Trusted Users.

  • Manage Trusted Users (displayed for the enabled 2FA only) - allows selecting trusted users from the automatically fetched list of JCA accounts to skip the mandatory two-factor authentication for them.

    manage trusted jca admins

The current state of the 2FA feature for a particular user can be seen in the Two-Factor Auth column.

Audit Log

Select the Audit Log menu item to see the table with information about the actions, performed by JCA users:
  • Date when the action was performed
  • User ID of the appropriate account (click to locate at the Users section)
  • Service influenced by the action
  • Method used for performing the action
  • Data of the action (hover over and click info icon to see its full text)
  • Duration of action processing
  • Result of execution (“Success” or the appropriate error description)

platform audit log
The data in the table can be filtered due to:
  • Time interval (Start/End dates)
  • User ID
  • Service name (Service + Method)

Just specify the needed parameters and Refresh the displayed information.