Fine-Grained Access Control and Configuration
This page explains how to configure facility-level access control for Condition Monitoring and Rules Management applications.
Overview
Fine-grained access control allows you to restrict user access to specific facilities, areas, lines, or stations. This works in addition to the application roles described in Application Roles.
How Fine-Grained Access Works
Configuring Access Permissions
Configuring Facility-Level Permissions
To configure fine-grained access control for specific facilities, you need to create facilities in Master Data Management and then assign facility-specific permissions.
Step 1: Create Facilities in Master Data Management
Before assigning facility-level permissions, the facilities must exist in the system:
-
Create the facility in Master Data Management (Plant, Area, Line, Station)
For detailed instructions: Add Facility in Master Data Management
Step 2: Assign Application Roles
Ensure users have the appropriate application roles:
-
condition-monitoring-userfor basic Condition Monitoring access -
rule-management-userfor basic Rules Management access -
Higher-level roles (
expert,admin) as needed
Step 3: Create Custom Roles and Assign Facility Permissions
Create custom roles that combine application roles with facility-specific permissions:
-
Create a custom role in the Multitenant Access Control system
-
Assign facility-specific permissions to the role
For detailed instructions: Adding a Role
Step 4: Assign Roles to Users
Assign the custom roles to users who need facility-level access:
-
Navigate to user management in Multitenant Access Control
-
Assign the appropriate roles to users
For detailed instructions: Assigning a User to a Role
Resource Types and Permissions
Condition Monitoring Resources
Available Permissions:
-
Read: View condition monitoring data
-
Add: Create new monitoring configurations
-
Modify: Edit existing configurations
-
Delete: Remove monitoring configurations
Facility-Level Resources:
-
Machine data viewing and export
-
View configuration management
-
Machine counter access
-
Error sequence detection
Related Topics
-
Application Roles - Overview of available roles
-
Organization Roles Configuration - Manual MACMA role configuration guide
-
Multitenant Access Control - General access control documentation
-
Master Data Management - Creating facilities and equipment
-
Adding Custom Roles - Role creation guide
-
User Role Assignment - Assigning roles to users