Cisco enables enterprises with multiple clients and centralize IT departments with multiple business units to create multiple hierarchies of administrators and users. Each hierarchy is called a tenant.
Configure Sub-Tenant Administrators
Tenant ID and Tenant Name Dependency
The Tenant ID field is displayed when a user logs into the CCM UI.
- If the URL provided in the Tenant Name field includes the DNS name, the Tenant ID is not required to login to the CCM UI.
- If the p credentials are used to login to the CCM UI, the Tenant ID is not required.
- In all other cases, you must provide a valid value in the Tenant ID field.
Typically, the Tenant ID field uses the first word provided in the Tenant Name. For example, if the Tenant Name is acme.cliqr.com, the CloudCenter platform automatically uses acme as the Tenant ID, unless otherwise configured in the Add a New Sub-Tenant page.
If this name is already used by another domain, you will see a corresponding error message requesting you to provide an alternate domain name.
Restrict Resource Permissions
You can share resources with sub-tenants as specified in Permission Control > Application Profile Permissions. As a resource owner, you can use the Share popup for a resource to
With a tenant – all users in that tenant and its sub-tenants can view/access the shared resource.
With a user who is the sub-tenant admin – only that user can view/access the shared resource. If you assign Manage permissions, the sub-tenant admin can then share it with users and sub-tenants within his/her tenant.
To change resource (for example, an application profile) permissions, follow this procedure.
From the Share popup for the application profile (or other resource), access the Users tab.
- Assign Manage permission for the application profile for the required sub-tenant admin and save your changes.
- Alert the sub-tenant admin to this change.
The sub-tenant admin can login and see the permitted application profile in the list of applications that (s)he already owns and can then decide to share the application profile with other users of their choice.
Only the tenant owner can disable sub-tenants.
The CCM UI provides a view of the overall application health across multiple clouds just as it does for a single cloud. As an admin, you can specify how much of each workload runs on which cloud by using the CCM UI.
When governing hybrid clouds, a central authority, like the IT department for each enterprise, grants and restricts administers and provisions cloud services. To establish and govern hybrid clouds across departments, CloudCenter provides powerful governance features that allow administrators to set up multiple tenants,, and administrative tools that enforce standardized usage within the enterprise and between departments.
User Password Rules
Thecan reset password for tenant users or prevent all tenant users from resetting their own passwords.
Tenant administrators can configure the following password rules in the CloudCenter UI > Admin > Sub-Tenant > Add a New Sub-Tenant page.
|Minimum length for password||8||Character limit scroll bar|
|Valid for days||8||Character limit scroll bar|
|No (unchecked)||Check box|
|Require at least one uppercase character||No (unchecked)||Check box|
|Require at least one lowercase character||No (unchecked)||Check box|
|Require at least one digit||No (unchecked)||Check box|
|Require at least one special character||No (unchecked)||Check box|
CloudCenter requires theto be present in each target cloud region or cloud datacenter that is under management.
When an administrator installs anfor a tenant and registers it with the , only permitted users, sub-tenants, and users within the sub-tenant can access this . If this permission is not granted, tenant organizations can only work with clouds setup by their parent tenant.
Adding a tenant-specificis the same as adding an at the root level. The only difference is that you are logging in at the tenant level and need access to the applicable clouds and cloud accounts.
To add a tenant-specific, follow this process:
- To enable communication between the Configure Cloud(s). , , and the within your cloud, you must provide the logical mapping details for your cloud configuration in the CCM UI. See
- Register the CCO with the CCM for this tenant.
Configure the Tenant Logo
Be aware of the following requirements to configure a logo for a tenant or sub-tenant:
- CloudCenter supports
To update the tenant logo, follow this procedure:
- Access the CCM UI > Admin > Sub-Tenants page.
- Click the required sub-tenant link to edit the details for this sub-tenant. The Edit Sub-Tenant Information page displays.
- Scroll down to the Add New Logo section and click the Browse button to select the new logo.
- Once selected, click the Add Logo button to update the logo. Verify the newly-added logo that is automatically displayed in this section.
You have the option to delete tenants and all its sub-tenants, including terminating VMs. Before deleting a tenant verify the following requirements:
All the running jobs will be terminated for all users – users cannot be deleted before their jobs are terminated.
All users in the tenant are deleted
All the sub tenants under the tenant must be deleted prior to issuing this API call. If any sub-tenant is not deleted, then a validation message states that you do this first.
To delete a tenant (or sub-tenant), access the CCM UI > Admin > Sub Tenants > TenantToBeDeleted > Actions dropdown > and select Delete.
- No labels