Course Content:

What are the main use-cases requiring an Admin role?

  1. The ability to “view as” other users, for troubleshooting purposes.
  2. Visibility into an account’s plan details.
  3. The ability to enable feature flags for early adopters or validation purposes.
  4. Tracking account usage reports, as well as users and the account structure.
  5. Provisioning Dedicated IPs.
  6. Performing service actions on customer accounts, such as adding users to the workspace, managing private locations, and co-piloting critical tests.

What kind of access does the Admin role grant?

  1. All customers’ tests and reports data, including all the tests’ assets.
  2. All customers’ accounts, workspaces, projects, and users.
  3. All customers’ Private Locations information, including IP addresses.
  4. All the Mock Services, including MAR files that might include internal app info.
  5. Video data of the AUT of the users who use GUI functional.
  6. The Private Cloud’s internal URL/Domain name.
  7. View Dedicated IPs assigned to workspaces.
  8. It does not grant access or visibility to passwords, or API key secrets.
  9. It does not grant access or visibility to the billing system or payment methods.

What actions can be done with it?

  1. All Tests and reports can be edited, deleted, and executed freely.
  2. Accounts/Users can be wiped of all data using the respective admin API.
  3. An Admin can grant Admin role to other users, including non-Broadcom personnel.
  4. Change/reset password for Private cloud accounts.
  5. Deny login from other users.
  6. Change internal account roles (admin, owner, etc.).
  7. Create Dedicated IPs, randomly.

Mandatory Best Practices:

  1. Use a different email address for non-admin use, e.g. demoing, validating, and testing that will serve the engineering organization, mainly the SWAT team.
  2. Set an expiration period of 1 month for your admin account’s API keys (account-level setting, and API key setting).
  3. Do not generate more than 1 admin API key. The only relevant use case is calling Admin APIs.
  4. If your script or integration has to use an Admin API key, the key must not be stored in a repo. The script/app/integration should consume it externally.
  5. Store your API key pair in a password manager tool, e.g. Passpack or LastPass, and not in an unsecured format.
  6. Do not grant Admin access to others without proper approval from Product Management.
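
A pre-flight check that a script could run before it uses an Admin API key, covering practices 2 and 4 above. This is an added example, not code from the course or the product; the environment variable names, the separately supplied issue date, and the reading of "1 month" as 30 days are assumptions.

```python
import os
from datetime import date, timedelta

# Hypothetical variable names; the page does not define any.
ENV_ID, ENV_SECRET, ENV_ISSUED = "ADMIN_API_KEY_ID", "ADMIN_API_KEY_SECRET", "ADMIN_API_KEY_ISSUED"
MAX_KEY_AGE = timedelta(days=30)  # assumption: "1 month" treated as 30 days


class KeyPolicyError(RuntimeError):
    """Raised when the admin key would be used against the practices above."""


def find_secret_in_tree(root, secret):
    """Return paths under root whose contents contain the secret (skips .git)."""
    hits = []
    needle = secret.encode()
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    if needle in fh.read():
                        hits.append(path)
            except OSError:
                continue  # unreadable file: nothing to report
    return sorted(hits)


def load_admin_key(env, repo_root, today=None):
    """Return (key_id, secret) taken from env, or raise KeyPolicyError."""
    today = today or date.today()
    missing = [v for v in (ENV_ID, ENV_SECRET, ENV_ISSUED) if not env.get(v)]
    if missing:
        raise KeyPolicyError("not provided externally: " + ", ".join(missing))
    try:
        issued = date.fromisoformat(env[ENV_ISSUED])
    except ValueError:
        raise KeyPolicyError(ENV_ISSUED + " must be YYYY-MM-DD") from None
    if issued > today or today - issued > MAX_KEY_AGE:
        raise KeyPolicyError("key issue date is in the future or older than 30 days; rotate it")
    leaked = find_secret_in_tree(repo_root, env[ENV_SECRET])
    if leaked:  # report the file paths only, never the secret itself
        raise KeyPolicyError("secret found in working tree: " + ", ".join(leaked))
    return env[ENV_ID], env[ENV_SECRET]
```

Call `load_admin_key(os.environ, ".")` at the start of the script, with the variables injected by the password manager or the CI secret store rather than a checked-in file.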
