Task | Registry Admin | CO Admin | CO Participant | Guest | Sys Admin | Notes |
---|---|---|---|---|---|---|
CO Instance Management |
|
|
|
|
|
|
Add Person as Registry Admin |
|
|
|
|
|
|
Remove Person as Registry Admin |
|
|
|
|
|
|
Provision CO |
|
|
|
|
|
|
Edit CO |
|
|
|
|
|
|
Deprovision CO |
|
|
|
|
|
|
Provision App to CO |
|
|
|
|
| Provisionable apps ideally are deployable to the CO instance without manual steps, support federated authnz, etc (are domesticated, probably packaged). Apps include mailing list management. |
Deprovision App from CO |
|
|
|
|
| |
Configure Known IdPs |
|
|
|
|
| Discovery Service management |
Person Management |
|
|
|
|
|
|
Request Add Person to CO Directory |
|
|
|
|
| Guest might be able to self register |
Add Person to CO Directory |
|
|
|
|
| Via invite, directory query, etc |
Edit Person |
|
|
|
|
| Fix name, title, etc |
Remove Person from CO Directory |
|
|
|
|
|
|
Role/Group Management |
|
|
|
|
|
|
Add CO Admin Role to Person |
|
|
|
|
|
|
Remove CO Admin from Person |
|
|
|
|
|
|
Create CO Group/Role |
|
|
|
|
| Possibly defined as a (partially) federated group |
Remove CO Group/Role |
|
|
|
|
|
|
Add Person to CO Group/Role |
|
|
|
|
| CO Groups could include Federated Groups |
Remove Person from CO Group/Role |
|
|
|
|
|
|
Provisioning |
|
|
|
|
|
|
Dynamic (group based) Person Provisioning to CO Applications |
|
|
|
|
| Configure group to app provisioning; For now, provisioning includes (eg) ACLs; Just In Time or Pre-provisioned |
Dynamic Person Deprovisioning from CO Applications |
|
|
|
|
| On Person removed from Group or CO |
Ad Hoc Person Provisioning to CO Applications |
|
|
|
|
| Just In Time or Pre-provisioned |
Ad Hoc Person Deprovisioning from CO Applications |
|
|
|
|
| On demand or Person removed from CO |
Content |
|
|
|
|
|
|
Login to CO Portal |
|
|
|
|
| Dynamically generated links to provisioned apps |
Login to CO Applications |
|
|
|
|
|
|
View CO Public Content |
|
|
|
|
| |
Audit |
|
|
|
|
|
|
View Person History |
|
|
|
|
| Provisioned, added to group, etc |
Reporting |
|
|
|
|
|
|
System Administration |
|
|
|
|
|
|
Provision Cluster Resources (Hardware, VM, etc) |
|
|
|
|
|
|
IP Address Registration/Management |
|
|
|
|
| Includes eg app-3.cluster.net as well as myvo.org |
Application Upgrades |
|
|
|
|
| Or could be done by a separate App Admin |
OS Upgrades |
|
|
|
|
|
|
Backups |
|
|
|
|
|
|
"Power User" functionality
Additional Notes
- Multilingual support