Manage permissions

View and change user access to Service Virtualization Servers and virtual services.

View and change user access to a Service Virtualization Server

  1. In the Servers tab, select a server.
  2. In the Permissions area, you can view the groups and users who have access to resources on the selected server.

    • Virtual Service Management. Grant a user permission to deploy new services on the server.
    • Agent Management. Grant a user permission to create new agents on the server.
  3. The following groups and users can add permissions for additional users and groups, and customize them according to your needs:

    • Members of the SV Server Administrators group
    • The resource creator
    • A user with write permissions for the resource
    • Members of the SV Publishers group can add permissions for additional users and groups to Virtual Service Management. Each publisher can do so only for services that they have created and over which they have control.

    • Members of the SV Runtime Administrators group can add permissions for additional users and groups to Agent Management

    Click Add permission and enter the name of a user or user group.

    Note: You cannot delete the built-in Service Virtualization user groups from the server, or modify their permissions. For more details, see Service Virtualization User Groups.

Back to top

View and change user access to services

For a single service

  1. In the Services tab, click the name of the service.

  2. In the Permissions area, you can view the groups and users who have access to the selected service.

  3. If you are a member of the SV Server Administrators group, are the service creator, or have write permissions for the service, you can also add permissions for additional users and groups, and customize them according to your needs.

    Click Add permission and enter the name of a user or user group.

    Note: You cannot delete the built-in Service Virtualization user groups from the service, or modify their permissions. For more details, see Service Virtualization User Groups.

For multiple services

  1. In the Services tab, click the checkboxes for the services whose permission you want to view or manage.
  2. On the bottom toolbar, click Bulk Actions > Permissions.

  3. Select the permissions you want to assign, and click Assign permissions.

Back to top

Service Virtualization User Groups

During installation of the Service Virtualization Server, built-in user groups are created on the server. These groups grant various levels of access to a Service Virtualization Server, or its resources, such as virtual services and agents, as follows:

User Group Permissions
SV Operators

View virtual services deployed on the Service Virtualization Server.

Note: SV Operators can view only partial agent configuration information.

SV Publishers

SV Publishers have the same viewing permissions as SV Operators. In addition, they can create, configure, and use virtual services, and have full access to services they own. This includes:

  • Switching service simulation modes
  • Unlocking services
  • Deploying services (deploy, undeploy, update)

Note: SV Publishers can view only partial agent configuration information.

SV Runtime Administrators

View, create, configure, and delete agent configurations on the Service Virtualization Server.

Note: Runtime Administrators do not have permissions for viewing or managing services.

SV Server Administrators
  • Full access to Server resources
  • Modify Server access permissions

Example: Managing access permissions:

You can also manage group membership using the Service Virtualization Management interface.

In addition, you can manage access permissions to individual resources on the Service Virtualization Server, such as virtual services.

For details on Service Virtualization Management, see Service Virtualization Management.

SVM Users

Log in to Service Virtualization Management.

For details, see Get Started with Service Virtualization Management.

Guidelines

  • You can modify permissions for specific users by adding them to, or removing them from, these groups.

    Note: If a user is part of multiple groups, that user has all permissions associated with any of the groups. For example, if Group A has Read permissions and Group B has Write permissions, a user who is a member of both Group A and Group B has both Read and Write permissions.

    However, permissions assigned individually to a user override whatever permissions are given by the user's groups. For example, if a user is added to a permissions list and given only Read permissions, that user does not have Write permissions even if he is in a group whose members have Write permissions.

    When you create or combine groups, make sure to keep track of the permissions granted to each group, as well as each member's individual permissions.

  • A user who is not assigned to any of the groups cannot view any agent data or any services deployed on the server.

  • Service Virtualization enforces access permissions only when server authentication is enabled.

  • The groups are created regardless of whether the Server authentication option is selected during the Server installation. This enables you to reconfigure at a later stage. For details on changing authentication options, see Change SV Server security settings.

  • Uninstalling or reinstalling Service Virtualization does not affect these groups. Your changes to group membership are maintained between installations.

  • Every authenticated Windows user has access to /ping and /info resources. This does not depend on Service Virtualization authentication.

Back to top

Permission types

The permission types Read, Write, Delete, Use, and Manage have different meanings in the following contexts:

Managing the list of services on the server (server level)

Write: The user can deploy services.

Managing the list of agents on the server (server level)

Write: The user can create agents.

Managing an existing SV agent (agent level)

Read: The user can view and copy the agent configuration.

Write: The user can update the agent configuration.

Delete: The user can remove the agent.

Use: The user can deploy a virtual service that uses this agent and configure a virtual service to use this agent.

Managing an existing SV service (service level)

Read: The user can view the virtual service endpoints, state, and runtime report.

Write: The user can update the virtual service endpoints, data and performance models, configuration, and security settings.

Delete: The user can undeploy the virtual service.

Manage: The user can unlock the virtual service, change its state, select the virtual service data and performance model for simulation, and reset the service statistics.

Back to top