When we talk to systems administrators and other IT leaders about what they expect from their management solutions, we tend to hear a few common themes – and one of those themes is “Control”. Controlling when, how and where changes are promoted is central to Orca. But that is not quite enough. We also know that you need to control who can view and manage changes. So Orca has taken traditional Role Based Access Control (RBAC) and added new levels of flexibility, convenience and granular control.
Flexibility: Use Orca how you want – web based interface or API
Users may choose to interact with Orca via its web-based user interface or programmatically through the Orca API. Both methods of access provide role based access control (RBAC). One benefit of having RBAC that applies to both the UI and API is that you can grant restricted permissions to outsourcers or third parties – and you will know they do not have access to sensitive data.
Convenience: Orca Integrates with Microsoft Active Directory (AD)
Orca provides a built-in authentication mechanism as well as integration with Microsoft Active Directory. Many other tools integrate with AD for initial authentication only, but Orca also pulls AD group membership information, allowing you to quickly create Orca teams that mirror your AD groups. In fact, Orca teams can consist of any combination of local users, AD users, or AD groups. This makes it really easy to create teams the way YOU want to create teams, in minutes instead of hours and in just a few clicks. If you want to use your pre-configured Active Directory groups to assign team membership, all you have to do is add the AD group to your team and users in that group automatically get the correct restrictions and object-level permissions. If instead you want to create a team from scratch using local or AD users, you can do that as well!
Control over who sees what; who does what
Orca administrators may create teams and assign necessary restrictions and object-level permissions.
Orca’s team based restrictions limit what individual users assigned to a team can do. You can restrict the ability to add/edit/delete ecosystems, nodes, activities, scheduled jobs, job results, calendar events such as maintenance windows or blackouts, and more. Teams can also be granted read-write or read-only privileges for specific ecosystems, activities, and endpoints for very granular access control. For example, the team responsible for your ecommerce application can be the only team with the rights to manage your ecommerce ecosystem. The ecommerce ecosystem can even be completely hidden from non-ecommerce users.
With Orca, you have a flexible, convenient and powerful RBAC system that helps you control precisely which teams and individuals can manage or even view your important ecosystems.