Access Role Request
Overview
An Access Role Request allows you to conveniently request a role for the required server or Kubernetes cluster. Upon approval, the role is granted immediately, and you can access the servers or Kubernetes clusters permitted by the role.
Access Role Request
1. Select Approval Rule
Choose an Approval Rule that matches your purpose. The approvers will vary based on the selected rule.
If an administrator has pre-assigned approvers for the selected rule, they will be designated automatically, and you cannot add or change them.
2. Designate Approvers
Click the
+
button in the approval line to open a popup where you can designate approvers for each stage.Add approval conditions and approvers in this popup, then click
Save
to save the approval line.The available approval conditions are:
A single Assignee can complete the approval request : The request is approved with approval from any one of the assigned approvers.
All Assignees must approve this request : All assigned approvers must approve the request for it to be approved.
3. Designate Reviewers
Click the
+
button in the approval line to open a popup where you can designate reviewers.If the administrator has not allowed reviewer designation, the Reviewer box will not be displayed.
Add the reviewers in this popup.
Then, click
Save
to close the modal and complete the reviewer designation.
4. Send Request with Post-Approval
If the selected approval rule allows post-approval, the Urgent Mode switch will be displayed.
Set Urgent Mode to On, and upon submitting the request, you will immediately be granted privileges or be able to perform the task.
Q. Why don't I see the Urgent Mode switch?
A. The Urgent Mode switch is not displayed if the selected approval rule does not allow Urgent Mode.
5. Select Target Role
Service: Choose the target service. You can select either Server Access Control or Kubernetes Access Control.
Role: Select the role from the list displayed according to the chosen service. (Single selection)
Based on the selected service and role, the following information will be displayed:
Server Access Control: The names of accessible server groups, servers, and accounts.
Kubernetes Access Control: The names of accessible Kubernetes clusters, platforms, and API URLs.
Note: Only one role can be requested at a time in an Access Role Request. Separate approval requests are required for each role, enhancing access management.
6. Enter Request Information
Title: Enter the title of the request.
Expiration Date: Select the expiration date when the permission will be revoked.
This is a mandatory field, and if not set, the default is one year from the request date.
It is recommended to request access only for the period needed for appropriate connection access management.
Reason for Request: Provide a reason for requesting access permissions.
Submit : Once you have completed the request form, click the
Submit
button to finalize and submit the request.