User Permission Groups
There are three User Groups with different combination of permissions that determine what a User can view and do in CloudCockpit.
Administrator
The Users that are in this group have all the permissions in CloudCockpit.
- Full control and visibility within the assigned context (CSP, Reseller or Customer)
- Manage and view all aspects of the portal
Viewer
The Users can view, but not manage.
- Can view subscriptions, users, customers, offers, orders, providers, resellers, invoices, invoice settings, customer users, and reports
- View Microsoft 365 users and their licenses but can't modify license assignments
- Download invoices
Alert Manager
Azure/Risk Management Alert.
- An add-on so users can receive Azure consumption email alerts
- Can be granted together with Viewer or Administrator permissions
- Administrators don't possess these capabilities
Permission Groups are limited to the User context
This means a User is only able to access the information to which his Microsoft tenant is authorized to access.
See examples below:
CSP User
A CSP User in the Administrator group will only be able to see in CloudCockpit what is associated with its own CSP context.
- Every Reseller and Customer associated with his CSP tenant will be accessible.
- However, this CSP won't be able to obtain information about Resellers or Customers on another CSP.
Reseller User
A Reseller User in the Administrator group will only be able to see in CloudCockpit what is associated with its own Reseller context.
- Every Customer associated with his Reseller tenant will be accessible.
- But this Reseller cannot access the information from the other Resellers that are associated with the same CSP.
Customer User
A Customer User in the Administrator group will only be able to see in CloudCockpit what is associated with its own Customer context.
- Every Subscription associated with his Customer tenant will be accessible.
- But this Customer cannot access information from the other Customers that share the same Reseller or CSP.
How to configure User Permission Groups
CSP
1. Go to Administration>Users
2. Locate the User and click on Actions > Edit
3. Choose what group(s) this User should have access to and click Submit
Reseller
1. Go to Administration>Users
2. Locate the User and click on Actions > Edit
3. Choose what group(s) this User should have access to and click Submit
Customer
1. Go to Company > Users
2. Locate the User and click on Actions > Edit
3. Choose what group(s) this User should have access to and click Submit
Related Articles
Grant User Access to CSP Portal
To grant a user access to the CSP CloudCockpit portal, follow these steps: Go to Administration > Users Click Add User Fill in the required fields: Email First Name Last Name The email address must be associated with a valid Microsoft account for the ...Create and manage alert policies
Alert policies help you detect budget overruns, unusual consumption spikes, unauthorized subscription changes and more, before they impact your business. To create or manage existing alert policies, go to Administration > Risk Center > Alert Policies ...Fix CloudCockpit Access Issues: Users & Licenses Troubleshooting
Troubleshooting Access Issues: Users & Licenses If there's an error trying to view the Users or Licenses for a Customer, here are a few steps you can take to troubleshoot the issue: 1. Verify the GDAP Relationship Ensure that the customer has an ...Assign subscriptions to User
When you already have a user created in CloudCockpit, you still need a consistent way to grant them the right Microsoft licenses without hunting through multiple menus. This flow standardizes license assignment for CSPs/Resellers and Customers, so ...Risk Center overview
CloudCockpit's Risk Center is where you can get an overview of risk management in the portal. This will help reduce your risk by keeping you aware of potential issues. Risk Center monitors Azure consumption lag, Partner Earned Credit (PEC) ...