Managing Access Control
Go to the Access Control section to view a list of accounts which can access JCA panel. If needed, use the Search field within the tools panel to locate the required user quickly.
Below, we’ll overview how to:
Add a New User Account
Click Add from the tools panel and provide the following data in the appeared form:
- Login - email address of a user to be granted JCA access (should be already registered at the platform)
- Role - account permission, which can be selected from the list:
- view - allows accessing the Jelastic Cluster Admin panel in the read-only mode
- admin - provides full access to the JCA features and platform admin permissions for API calls
Now, it can be used for logging into the JCA panel with the same password, which is used to access the user’s dashboard.
Edit Access Level
To edit the access permissions for an account, double-click the appropriate line and select a new Role (see the descriptions in the previous step):
Remove the Existing JCA User
Select the undesired JCA user within the list and click Remove.
Confirm your decision to delete the permissions to access and manage JCA for the account.
Manage Mandatory 2FA for Admins
It is recommended for cluster admins to configure two-factor authentication (2FA) as an extra layer of protection from unauthorized access. To set 2FA as an obligatory requirement for admins, use the Actions menu within the Access Control tab.
- Enable/Disable Mandatory Two-Factor Auth - allows turning on/off the mandatory 2FA for cluster admins.
Within the appeared dialog, you can configure a few days delay for existing users before restricting access, as well as send the appropriate notifications. Also, it is possible to select Trusted Users.
- Manage Trusted Users (displayed for the enabled 2FA only) - allows selecting trusted users from the automatically fetched list of JCA accounts to skip the mandatory two-factor authentication for them.
Open the Access Control > Audit Log section to see the table with information about the actions performed by JCA users:
- Date - time when an operation was performed
- User ID - unique identifier of the account, which executed the action (click to locate within the Users section)
- Service and Method - platform API service and method used for the action
- Data - parameters of the performed operation (hover over and click the info icon for the full view)
- Duration - time to complete the action
- Result - an outcome of the operation (either Success or the appropriate error)
If needed, you can specify a period of search (Start and End Date) and apply filters:
- User ID of the account to show the logs for
- Service Name to locate an execution of a particular API (Service + Method)
When the needed parameters are specified, click Refresh to display information.