Contents x
      Creating and Deleting a Role
      • 01 Nov 2023
      • Print
      • PDF
      Contents

      Creating and Deleting a Role

      • Updated on 01 Nov 2023
      • Print
      • PDF
      Article Summary

      Creating a Role

      1. Click Create Role.
      2. Enter a role name. It can contain only alphanumeric characters and the following special characters: plus sign (+), equal sign (=), period (.), ampersand (@), dash (-), underscore (_).
      3. Modify the code for the role, as appropriate.

      4. Click Save to create the new role.

      If the policy has a syntax error, it will be flagged with a message when you attempt to save the role. Create the role again with the corrected policy code.

      Creating a Role for Single Sign On (SSO)

      If you are configuring the SSO feature (as described in Configuring the Single Sign On (SSO) Feature), you must define a role for the SSO user. You can configure SSO using one of the following protocols:

      • SAML
      • OPEN ID

      You must create a role based on the chosen protocol.

      1. Click Settings on the Wasabi menu. Or, open the account sign-indrop-down and click Settings.
      2. Open the SSO (Single Sign On) drop-down.
      3. Scroll down to Roles under the SSO configuration. For example:

      4. Click Create Role.
      5. Enter a role name and click Next.

      6. Assign policies to the role. You can associate policies in two ways:
        • Click in the Attach Policy To Role area at the top of the panel. Select a policy from the drop-down.
        • Select one of the predefined policies listed on the left of the panel. Simply click on + to the right of the policy name.

        Assigned policies are displayed on the right of the panel.

      7. Click Create Role. The role is created and contains the SSO path. For example:

         

      Creating a Role for SSO Legacy

      If you are configuring the Single Sign On (SSO) feature (as described in Configuring the SSO Legacvy Feature), you must define a role for the SSO user. You can configure SSO using one of the following protocols:

      • SAML2
      • OpenID Connect (OIDC)

      You must create a role based on the chosen protocol.

      1. Click Create Role.
      2. Enter a role name.
      3. Modify the code for the SAML2 or OIDC protocol, as shown below.

        SAML2 Role Example

        <RootUserAcctID> is your root user account ID.
        <IDP> is your provider ID.

        OIDC Role Example

        <RootUserAcctID> is your root user account ID.
        <IDP> is your provider ID.

      4. Click Save to create the new role.
      5. Add a policy to the role as described in Attaching a Policy to a Role.

      Deleting a Role

      In the Action column for a role, click Delete with caution. As soon as you click the button, the role is deleted.


      What's Next
      Copyright © 2024 by Wasabi Technologies LLC
      75 Arlington Street, Suite 810, Boston, MA 02116 USA
      All Rights Reserved
      Visit us at https://wasabi.com.
      WASABI and the WASABI logo are trademarks of Wasabi Technologies LLC and may not be used without permission of Wasabi Technologies. All other names are used for identification purposes only and are trademarks or registered trademarks of their respective companies.

      Information presented herein is subject to change without notice. Companies, names, and data used in examples are fictitious unless otherwise noted. No part of this information may be reproduced or transmitted in any form by means electronic or mechanical, for any purpose, without express written permission of Wasabi Technologies.