HP Matrix Operating Environment 7.2 Update 1 Infrastructure Orchestration User Guide
A service provider administrator assigns service provider users to templates. However, an
organization administrator cannot assign organization users to templates. An organization user
has access to all of the templates assigned to that organization.
A Windows user may be both a service provider user and an organization user. In this case, if
the Windows user logs into the self service portal, the user will have access to the templates to
which he/she is assigned. If the Windows user logs into the organization administrator portal, the
user has access to all of the templates assigned to the organization.
Table 9 Resources visible to service provider and organization administrators and users
Organization
user/group access
Organization
administrator
access
Service provider
user access
Service provider
administrator
controlsOriginationResource
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if
published. If
Assign to one or
more
Created by IO
architect using
Infrastructure
orchestration
templates by theby the serviceaccess restrictionsorganizationsinfrastructure
organizationproviderare enabled,and/or restrictorchestration
designer administrator
(published only)
administrator
(published and
unpublished)
visible if
published AND
the template is
service provider
user/group access
assigned to the
user/group
Visible if assigned
to the organization
Visible if assigned
to the organization
No restrictionsAssign to one or
more
organizations
1
Created or
discovered by IO;
can be edited by
service provider
administrator
Networks
by the
organization
administrator
by the service
provider
administrator
Visible if assigned
to the organization
Visible if assigned
to the organization
Visible if resource
is kept at the
Keep at service
provider or assign
Discovered by IOCompute
resources
and the user isby the serviceservice providerto one
organization
(physical servers,
VM Hosts, ESX assigned to theprovider
administrator
level and the user
is assigned to theresource pools, pool containing
pool containingand cloud
resources )
2
the resource by the
organization
administrator
the resource by
the service
provider
administrator
Allocate a
separate storage
Automatically
generated by
Storage pool
entries
tag to eachMatrix OE, or
organization.created by service
Match logical diskprovider
tags with storageadministrator using
pool entry tags, orMatrix OE logical
choose theserver
appropriate SPMmanagement,
storage templateoptionally using
using tags in the
IO template
Storage
Provisioning
Manager
1
IO does not include or preclude active firewalling between VLANs.
2
Storage management for physical server blades can be performed only by the service provider administrator.
Information security
The following table shows the information that is visible to the service provider administrator, service
provider user, organization administrator, and organization user.
Service provider administrators and users see messages only related to that organization. To
prevent information from passing from one organization to another through storage, infrastructure
orchestration scrubs both the boot and data disks when a service is deleted.
Security in infrastructure orchestration multi-tenancy 163