The Telstra Cloud Sight platform has three distinct layers to help you to effectively manage your clouds.
- Tenancy – a single, self-contained Telstra Cloud sight environment. This is the topmost layer and contains the layers listed below.
- Workspace – a discrete space within a tenancy where one or more clouds or associated services can be gathered, helping you organise, manage and track them.
- Cloud service – the individual clouds and associated services you’ve added or connected to Cloud Sight. Every cloud service must reside within a workspace.
A user can be assigned to each of these layers, via their roles, allowing you to separate and limit a user's access to your various cloud services.
- Tenancy layer user roles - Tenancy Admin, Tenancy Manager, Tenancy Reader
- Workspace layer user roles - Workspace Admin, Workspace Manager, Workspace Reader
- Cloud Service user roles - Cloud Service Admin, Cloud Service Manager, Cloud Service Reader
A user assigned to a particular layer inherits all layers beneath it. This means a user assigned to the tenancy has access to all workspaces and clouds, a user assigned to a workspace has access to all clouds within that workspace, and a user assigned to a cloud has access to that cloud only. The role inheritence remains consistent with that of the layer at which it was assigned.
e.g. A Workspace Reader is also a Cloud Service Reader for all cloud services residing within that particular workspace.