Managing Cloud Users

PART 2. ADMINISTRATOR’S GUIDE
Managing Account Settings

 

Settings

·         Settings: General

·         Settings: Usage

·         Settings: Users

o   Settings: New User

o   Settings: Update User

 

 


 

Settings

The Settings panel in the Everyware Cloud Console enables you to manage your Everyware Cloud account and users.

 

The Everyware Cloud employs a centralized Role-Based Access Control (RBAC) security model where each account may have multiple users and each user may be granted a different set of permissions.  Each user has different credentials: username and password.  When you connect to the Everyware Cloud using your credentials, you will have access to the limited set of functionality granted by your permissions.  The same principle applies to users accessing the Everyware Cloud platform through the Everyware Cloud Console, the Everyware Cloud Broker, or the Everyware Cloud REST APIs.

 

Each account must have at least one user with Administrator role (which implicitly grants all the permissions).  Other users may have limited access to the Everyware Cloud determining whether they can:

·         View or manage the account or users

·         View or manage data or rules

·         Connect to the MQTT broker

 

The following table defines the permissions for users. The Administrator has all the following permissions assigned automatically.

 

Permission

Allows user to

account:view

View the account detail

account:manage

Manage the account

broker:connect

Connect to the Everyware Cloud broker

data:view

View data on this account

data:manage

Publish data on this account

device:view

View the devices on this account

device:manage

Manage the devices on this account

rule:view

View account Rules

rule:manage

Add or modify Rules

user:view

View users

user:manage

Modify, add, or delete users

 

 


 

Settings: General

The General tab under Settings provides information about your account, organization, and broker as shown in the following screen capture.  This information is setup by Eurotech when your account is created.  With “account:manage” permission, you can view details about your service plan and edit your organization’s contact information by clicking the Edit button in the General tab.

 

 

 


 

Settings: Usage

If you have “account:view” permission, the Usage tab under Settings provides a summary of your account usage including the number of devices connected to your account and the amount of data transmitted to the Everyware Cloud.  You can view the usage by date (Day or Hour) using the Usage Details By drop-down.  The Export button saves data to Excel or CSV formats.  The following screen capture shows the Usage tab.  Your contract specifies the usage allowed under your specific Everyware Cloud account plan.  Excess usage will incur an additional fee.

 

 

 


 

Settings: Users

If you have “user:view” permission, the Users tab under Settings displays all users registered with your account and a description of the permissions associated with each user as shown in the following screen capture.

 

With “user:manage” permission, you can perform the following operations using the buttons provided in the Users tab:

·         Create new users (New)

·         Change the permissions of existing users (Edit)

·         Change the password of existing users (Edit)

·         Delete users (Delete)

 

 

The following table describes the information displayed for each user in the Users tab.

 

Parameter

Description

Username

Name assigned to the user by the administrator

Email

Email used to register your Everyware Cloud Console account

Administrator

If checkbox is selected, user has administrator permissions

Permissions

Permissions assigned to the user by the administrator

 

As initially setup by Eurotech, your account includes three users with the following permissions:

·         {account} – Administrator access (full permissions)

·         {account}_apis – data:manage, data:view

·         {account}_broker – broker:connect, data:manage, data:view

 

where {account} stands for the name of your account.

 

The {account}_broker user has enough permission granted to be used by your devices to connect to the Everyware Cloud Broker, publish data, and receive data.  The Everyware Cloud platform gives you the flexibility of controlling the credentials used by your device to connect to the platform.  You can have all your devices connecting to the Everyware Cloud using the same credentials.  As an alternative, you can create multiple users with the same permissions, group your devices, and have each device group connect to the Everyware Cloud using separate credentials.

 

 


 

Settings: New User

With “user:manage” permission, you can create new users for your Everyware Cloud Console account.  To create a new user, click the New button in the Users tab under Settings to open the New User window as shown in the following screen capture.

 

Enter the User Information, and then assign access privileges by clicking the corresponding checkboxes under Permissions.  Click Submit to accept the new user.  Use the tooltips provided in the Console when entering the User Information.  Users with “user:manage” permission can create new account Administrators.

 

 

The following table defines the User Information for new users.

 

Parameter

Description

Username

Must be at least 3 characters and can contain alphanumeric characters combined with dash and/or underscore.

Password

Must be 6 characters and contain at least one lower case letter, one upper case letter, one digit, and one special character.  See note about broker accounts in the section Settings:Update User.

Display Name

A “user-recognizable” name assigned to the user, for display purposes only

Email

User’s email

Phone Number

User’s phone number

 

When creating a new user, Eurotech recommends that you follow the security principle of the least privilege by granting only the minimum set of permissions required by users to perform their functionality.  For example, when creating a new user for devices to connect to the Everyware Cloud, the three permissions of broker:connect, data:view, and data:manage should be sufficient.  In another example, an IT application which integrates the data collected in the Everyware Cloud to other Enterprise applications through the REST APIs may only need data:view and data:manage permissions.

 

 


 

Settings: Update User

To make changes to an existing user including changing the password, select the Username and then click Edit in the Users tab under Settings to open the Update User window as shown in the following screen capture.

 

Change the password in the User Information box or change the account permissions in the Access box.  Click Submit to accept the changes.  Changing permissions for a user who is currently logged onto their user account may require the user to log out and log back in before the change becomes fully effective.

 

info signal

Note:

When changing a password in the Console for accounts with broker:connect permissions, make sure to change the password at the remote device(s) as well.