Cisco Cisco Intelligent Automation for Cloud 4.3.2 User Guide
27
User Roles and Capabilities
User Roles
Tenant Technical Administrator
The Tenant Technical Administrator (TTA) is an employee of the organization who manages tenants from a technical
standpoint. In a self-managed tenant, a Tenant Technical Administrator is the administrative authority within the tenant
on all technical matters related to using the cloud system, and is the tenant's technical representative to the cloud
provider.
standpoint. In a self-managed tenant, a Tenant Technical Administrator is the administrative authority within the tenant
on all technical matters related to using the cloud system, and is the tenant's technical representative to the cloud
provider.
TTAs do the following:
Manage the tenant’s user accounts and organizational structure.
Manage tenant’s Virtual Data Centers and related elements.
Manage tenant-wide services offered to all their organizations.
In this regard, the TTA assumes some of the responsibility of a CPTA in a single tenant (no-tenant) private cloud. In
provider-managed tenants, the tenant hires the cloud provider to perform all administrative duties. As a result, there may
not be a tenant user that acts as a TTA. A provider user will be appointed to perform the above duties and order on behalf
of the tenant.
provider-managed tenants, the tenant hires the cloud provider to perform all administrative duties. As a result, there may
not be a tenant user that acts as a TTA. A provider user will be appointed to perform the above duties and order on behalf
of the tenant.
Each tenant has at least one Tenant Technical Administrator, whose account is typically created when the tenant is first
created. The Tenant Technical Administrator can create Organizational Technical Administrators and Cloud End-Users.
The Tenant Technical Administrator role may be assigned by a CPTA or another TTA. A Tenant Technical Administrators
role would have the rights over all objects owned by organizations for the tenant.
created. The Tenant Technical Administrator can create Organizational Technical Administrators and Cloud End-Users.
The Tenant Technical Administrator role may be assigned by a CPTA or another TTA. A Tenant Technical Administrators
role would have the rights over all objects owned by organizations for the tenant.
Tenant Business Administrator
The Tenant Business Administrator (TBA) is an employee of the organization who manages tenants from a business
standpoint. In a multi-tenant cloud, the Tenant Business Administrator is the commercial and business authority within
the tenant and represent these concerns to the cloud provider. These responsibilities include:
standpoint. In a multi-tenant cloud, the Tenant Business Administrator is the commercial and business authority within
the tenant and represent these concerns to the cloud provider. These responsibilities include:
Negotiate pricing, service options, service levels and other service terms with the cloud provider.
Approve high cost service orders by tenant users.
Analyze cloud costs to the tenant, over time, by service, by organization, in order to control costs and ensure the
best return on investment.
best return on investment.
In a provider-managed tenant, since there may not be a tenant user that is a technical administrator, the TBA serves as
a the only tenant representative.
a the only tenant representative.
Note:
In private clouds with multiple tenants, there may not be a TBA user; and if there is, their role may be reduced to
only perform the last two bullet items above.
Organization Technical Administrator
An Organization Technical Administrators (OTA) is an employee of the organization with some administrative access and
control over their organization’s environment. The Organization Technical Administrators manage an organization’s user
accounts, virtual data centers, and organization-specific service catalogs in Prime Service Catalog. They also assign
users to Server Owner roles within the organization. The Organization Technical Provider has access to the following
modules:
control over their organization’s environment. The Organization Technical Administrators manage an organization’s user
accounts, virtual data centers, and organization-specific service catalogs in Prime Service Catalog. They also assign
users to Server Owner roles within the organization. The Organization Technical Provider has access to the following
modules:
Service Portal — Access the following pages to order Prime Service Catalog services:
—
My Servers — View a list of all of the servers you own or manage, and perform actions such as powering up or
down, taking a snapshot, or decommissioning.
down, taking a snapshot, or decommissioning.
—
User Management — Add, modify, and remove OTA, VPSO, and VSO users.