Managing User Access

Flexera provides many different roles for access control to the features in Automation that should align well to the users in your organization. The following subsections describe how to manage user access in Flexera One Automation.

Policy Roles and Access Controls
Access Levels
Granting Policy Roles
Detailed Feature to Role Mapping
Policy-Specific Permissions

Policy Roles and Access Controls

Important:Your account’s user with the Administer organization role provides user access to Automation roles. For complete descriptions of each role available in Flexera One, see Flexera One Roles.

To access the Automation user interface in Flexera One, you must be granted at least one of the Automation roles in at least one account. If you need access to an Automation role, contact your account’s user with the Administer organization role.

Access Levels

For all policy roles except Publish policies, the role can be granted to a user or group at either the organization or the account level. When a role is granted at the organization level, it effectively grants that role to every account that exists now and in the future in the organization. Another effect of organization-level roles is that those users will be able to use the Organization Summary view on many policy pages, which rolls up all information about policies and incidents into a single overview. For users with account-level access, they will only be able to see content on an account-by-account basis.

Granting Policy Roles

The account’s user with the Administer organization role is responsible for inviting and granting roles to Flexera One Automation users. For details, see Access Management.

Detailed Feature to Role Mapping

The following table describes which roles are needed to use the various features of Flexera One Automation.

Automation Screen

Automation Feature

Roles that can use the Automation feature

Catalog

View Catalog

Publish policies
Create policies
Manage policies

Publish a Policy Template

Publish policies

Un-Publish a Policy Template

Publish policies

Delete Custom Policy Template

Publish policies

Apply a Policy

Create policies
Manage policies

Automation Dashboard

View Dashboard

Create policies
Manage policies
View policies

Organizational Summary

Organizational Roles:

Manage organization
Create policies
Manage policies
View policies

Applied Policies

View Applied Policies

Create policies
Manage policies
View policies

Update a Policy

Create policies
Manage policies

Terminate a Policy

Create policies
Manage policies

Apply a Similar Policy

Create policies
Manage policies

Incidents

View Incidents

Create policies
Manage policies
View policies

Approve or Deny an Action

Approve policies

Templates

View Templates

Publish policies
Create policies

Update a Custom Policy

Create policies

Apply a Policy

Create policies

Delete a Custom Policy Template

Create policies

Publish a Policy Template

Publish policies

Credentials

Create/Edit/Delete Credentials

Administer organization

List/Use Credentials

Create policies
Manage policies

Policy-Specific Permissions

The policy roles described above grant users access to Flexera One Automation and its features. However, policies themselves have the ability to interact with any API which, in many cases, require permissions on that target API. The user that applies the policy must have the underlying privileges to access the resources needed by the policy. Each policy provided by Flexera documents its required permissions.