How does service management implement user access control?

Action Permissions

Users of the NSP service management function are assigned a role with defined action permissions. These permissions either allow them to, or prevent them from, performing specific operations. When granting permissions, the available scopes are as follows, and are assigned by an NSP administrator within the Users and Security views:

The following operations are exclusive to users with write permissions:

The following operations are exclusive to users with execute permissions:

Consult the NSP System Administrator Guide or your NSP administrator for more information.

Note: In addition to the above permissions, non-admin service management users must have Read permission for Network Intents enabled. If any custom RPC actions need to be executed, the non-admin service management users must have Operate Intents permission for Network Intents enabled as well. In general, service management users must have access control enabled - within Network Intents - for any intent type they intend to use.

Note: The Edit service action is disabled for users who only have Read permission. These users can manually navigate to the modifications forms via URL, and make changes on these forms, but the Apply button will be disabled.

Resource Groups Access

Users of the NSP service management function are assigned a role with defined resource group access. Their resource group access either allows them to, or prevents them from, accessing specific resources - such as services or network elements. A user's access to a service or network element will affect inventory listings, service CRUD operations, intent suggest functions, and intent RPC calls. When granting access, the available options are as follows, and are assigned by an NSP administrator within the Users and Security views:

Note: NSP administrators have Read/Write/Execute permissions for the full span of services and network elements. No further user access control validation is performed.

The following limitations apply when resource group access is defined:

© 2024 Nokia. Nokia Confidential Information

Use subject to agreed restrictions on disclosure and use.