Nexeed

Condition Monitoring
    • Introduction
    • User manual
      • Facility-Related Access Control
      • Condition monitoring
        • Measurements tab
        • Events tab
        • View configuration tab
      • Rules management
        • Rule types/standard functions
        • Create or Configure a Rule
      • Deviation notification
      • Function configuration
      • Condition Monitoring Widgets
    • API documentation
      • Condition Monitoring HTTP API
      • Rules Management HTTP API
    • Glossary
Condition Monitoring
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Reporting Management
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator
Nexeed Learning Portal
  • Condition Monitoring
  • User manual
  • Facility-Related Access Control
✎

Facility-Related Access Control

Through the integration of an Access Control List (ACL), resources are automatically created in the Multitenant Access Control module for access control in Condition Monitoring , Rules Management , Deviation Notification , and Function Configuration. Roles and permissions must be created manually for these resources in the Multitenant Access Control module; these can then be assigned to users or user groups.

Multitenant Access Control

By default, resources are automatically registered for the Area facility level. Lines and stations inherit the information from the higher-level area.

Example

rm_resource_acl_default

Two resources are registered in the Multitenant Access Control module:

  • Rules for area Fe2.1 (including sub-facilities)

  • Rules for area Fe2.2 (including sub-facilities)

The other facilities (lines and stations) are not registered as a resource.

Resources for Facilities

When a facility (area) is added, a resource is automatically assigned to each of the access rights in the Health Monitoring , Rules Management , Deviation Notification and Function Configuration of the device in the Multitenant Access Control module.

Example

Facility level Name Authorizations Description

Area A

Area A — Rule

Read
Add
Edit
Delete

Access the rules of devices associated with area A or its subordinate facilities

Create role for facilities

Prerequisite

Administrator or Rule Service Administrator role

Procedure

  1. Create facility.

    The permissions for the created facility are created automatically.

    Add Equipment

  2. Create role and assign permissions.

    Adding a Role

  3. Assigning a Role to a User

    Assigning a User to a Role

A role has been created for a facility.

Examples: Role for facilities

The following three examples show how an ACL-‑based authorization can be implemented in Condition Monitoring , Rules Management , Deviation Notification and Function Configuration. The organizational roles shown must be created manually:

Create role for facilities

User area A

  • Application role: Read Rule Service User :

  • Authorizations: Area A — Rule : Read

  • Rights of User area A :

    • Sees the Efficiency Analysis menu in the portal > Rules management

    • Can see, edit, add and delete rules of devices associated with area A or its subordinate facilities

    • Can see, edit, add and delete rules of device types whose devices are associated with area A or their subordinate facilities

User area A admin

  • Application role: Read Rule Service User :

  • Authorizations: Area A — Rule : create, read, modify, delete

  • Rights of User area A admin :

    • Sees the Efficiency Analysis menu in the portal > Rules management

    • Can see, edit, add and delete rules of devices associated with area A or its subordinate facilities

    • Can see, edit, add and delete rules of device types whose devices are associated with area A or its subordinate facilities

User area A ‑ C Admin

  • Application role: Read Rule Service User :

  • Authorizations: Area A — Rule : create, read, modify, delete

  • Authorizations: Area B — Rule : create, read, modify, delete

  • Authorizations: Area C — Rule : create, read, modify, delete

  • Rights of User Area A - C Admin :

    • Sees the Efficiency Analysis menu in the portal > Rules management

    • Can see, edit, add and delete rules of devices associated with areas A ‑ -C or their subordinate facilities

    • Can see, edit, add and delete rules of device types whose devices are associated with areas A ‑ -C or their subordinate facilities

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses