Read-only operator mode

Ilya_Malyarenko · December 12, 2018, 5:10pm

Dear Camunda Folks,

Would appreciate your advise on implementing a read-only Operator role in Cockpit.
We are looking for a way to provide “reporting” capability, while avoiding segregation of duty conflicts. What would be a sufficient level of authorisations to assign a group READ_ONLY access to cockpit?

Would be also happy to hear your thoughts on lessons learnt.

Thank you in advance.

Best regards,
Ilya

kotskin · December 12, 2018, 5:20pm

Hi, Ilya!

We resolve this case with REST API - write small vue.js app. May be you can look that way.

Ilya_Malyarenko · December 12, 2018, 5:36pm

Hi Denis,

Thank you for your suggestion. I am looking for really simple no-code options

BR,
Ilya

StephenOTT · December 16, 2018, 7:24pm

What is read only mean in your context? You can see everything but not actually action anything?

Ilya_Malyarenko · December 16, 2018, 10:21pm

Hi @StephenOTT,

Yes, exactly. Being able to see, but not act.

Best regards,
Ilya

Yana · December 17, 2018, 7:45am

Hi Ilya,

The user needs access to Cockpit and READ permissions to everything which is needed:

process definition (+ READ_INSTANCES)
process instance
decision definition
deployment
batch

You need to consider adding the READ_HISTORY if the user needs access to it as well.

Ilya_Malyarenko · December 17, 2018, 9:23am

Hi Yana,

Thank you so much. This is what we are looking for.

Best regards,
Ilya