Introduction
This Pillar provides several modules that help you cook some ACL recipes, package them and assign them as products to tenants.
In Addition you can create tenants that will use your product, manage their applications and secure them via key security.
The modules within the Manage pillar are:
ProductizationThe productization module offers the ability to secure your microservice & daemons and package them to assign them later on to tenants.
Here is a step by step approach on how to do that.
Add a new productFrom the dashboard, go to Manage pillar → Productization
Step 1:
Once there, you should see the default Dashboard Product with two packages in it.
Step 2:
Click on "Add New Product" and fill in the form.
Step 3:
You should now see an empty product right below the Dashboard Product.
Now that you've added a new product, go ahead and add a new package in it so you can configure the ACL.
Similarly to the above, click add new package and fill in the form.
| Note | ||
|---|---|---|
| ||
So far, we've added a new product and added a new package inside it. Before continuing, we have to configure the ACL of the package. The ACL is what will allow or deny access to the microservices and their APIs. |
Click on "Edit Package ACL" and you will be taken to a new page where you see the list of all activated services grouped under environment codes.
Check all the boxes of the services you want to allow this package to access.
The ACL works per environment, meaning if you deployed the same service in multiple environments, you can allow this package to access the service in one environment and prevent it in another.
You can learn more about deploying environments, check out the Deploy Pillar page.
| Note | ||
|---|---|---|
| ||
When you check a service, it will expand and you will see 2 radio button: public and private.
Selecting public grants access to the service/API for anonymous users whereas private enforces that service/API access is only allowed for logged in users. |
This module offers the ability to create and manage tenants and their applications.
It also allows us to link tenant to productized package and secure them via key security.
The module provides a list of all the tenants except the tenant you are logged in with, for that please head to Settings.
Here is a step by step approach on how to do that.
Add a new tenantGo to Manage → Multi-Tenancy and click "Add Tenant"
Step 1:
Here you will be prompted to create either a Client Tenant or a Product Tenant.
Product tenants are tenants that do not have users under them.
Client tenants are useless by themselves, they rely on their users to interact with your products.
Step 2:
After you choose the tenant role, fill the rest of the form to complete creating a tenant.
| Note |
|---|
While creating a tenant, if you pick a dashboard package for it, it means you want the users of this tenant to access the dashboard UI later on. If this is not the purpose of the tenant you are creating, do not pick a package for it from the drop down. The drop down only shows package that belong to the Dashboard Product under productization. |
After you create a tenant, assign an application for it and while doing that, pick the package you want to it to use from productization.
Secure your tenant by generating an encrypted key. Keys are linked to applications and have additional security measures like geo, device and expiry options.
Step 1:
Step 2:
Pick an expiry date if you want your external key to expire at some point or leave it blank for unlimited.
You can add additional security configuration such as device security and geolocation security.
Step 3:
Copy the external key value and place it in the header of your requests and you should be able to successfully access your services/APIs!
Now that we have added a tenant, we can configure its services config, if required. Click here to learn more about services config.
Click on the "+" near the application name, then click on the Tenant Application Key, then on the Key Environment Configuration tab.
Here you will see a list of available environment where we can configure the services config.
The tenant organization chart module allows you to manage the users and groups of all available tenants except the tenant you are logged in with.
This module offers UI/UX wizards that interact with the URAC microservice deployed under the Dashboard environment.
To learn more about user registration and Access Control, check out the URAC space.
Create and Package your ACL recipes
Create and Manage Tenants, secure them with keys and assign Productized ACL Packages to them.
Administer the users and groups of all the tenants in your application.
Administer the users and groups of your tenant.
Update and modify the configure of the tenant you are logged in with
.
This module offers UI/UX wizards that interact with the URAC microservice deployed under the Dashboard environment.
To learn more about user registration and Access Control, check out the URAC space.
The Settings module will allow you to manage the settings of tenant your logged in with only.
This module offers the same functionality that the multitenancy module does but is restricted to interact only with your tenant.
if you need to change information for other tenants, please head to multitenancy.
Productization
| Anchor | ||||
|---|---|---|---|---|
|
The productization module offers the ability to secure your microservice & daemons and package them to assign them later on to tenants.
Here is a step by step approach on how to do that.