Defined roles in IDM are just that: roles defined by an IDM user. They are a powerful mechanism that makes it easy to enable access to the proper LC hosts and groups based on the user's project. When a new person is added to a project, they only need to be added to the associated defined role, which then automatically grants all of the needed host and group permissions.
Creating a Defined Role
An LC Coordinator can request the creation of a new defined role by sending a request to the LC IDM team at lc-idm-admin@llnl.gov. The information needed for a request includes:
- The name of the role
- Which networks the role is needed in (OCF, SCF, SNSI)
- The LC groups and LC hosts which are associated with the role (i.e., the access being granted by membership in the role)
- The OUNs of the people who can approve membership changes for this role
- Required membership traits (e.g., US citizen, Q-Clearance)
Adding or Removing Members of a Defined Role
See IDM—Add or Remove Role Members to manage role membership.