Management Function¶
Overview¶
Subscription Method¶
For Customers Who Have NTT Com Business Portal Subscription¶
For Customers Who Do Not Have NTT Com Business Portal Subscription¶
Needed Information on Subscription¶
The following information (contract information) is required when applying for the Enterprise Cloud 2.0 service, so please have it ready in advance. The following contract information can be referred to on the portal after application.
Category |
Item |
Contract Information |
Postal Code |
Address |
|
Address (e.g. building name) |
|
Department |
|
PIC Name |
|
Phone Number |
|
Email Address |
|
Sales Channel Code |
|
Billing Information |
Postal Code |
Address |
|
Address (e.g. building name) |
|
Company Name |
|
Department |
|
PIC Name |
|
Phone Number |
|
Email Address |
GUI/API¶
GUI¶
GUI Configuration¶
GUI |
Function |
Overview |
Enterprise Cloud 2.0 Portal |
Workspace management |
You can select the workspace to operate. If you are an admin user, you can add / delete workspace and specify who can access each workspace. |
User Management |
You can refer to the user information. (Displayed only on the admin user page) |
|
Billing Management |
Customers can view the detais of billing statement. (For Super User only) |
|
Profile Management |
ustomers can view their profile information such as login ID. They can also check the API key information. |
|
Contract Management |
You can refer to contract information. (It is displayed only on the Contract Owner screen) |
|
Notifications |
We issue notifications regarding Enterprise Cloud. |
|
Ticket System |
Ticket System Inquiry Management |
Customers can create inquiry tickets to contact the support center regarding failures and technical support. |
Control Panel for Each Menu |
Operation of each menu, resource management |
You can check the resource usage status of each menu and add / delete / change resources. It is managed by each tenant in the workspace.
Please refer to the respective service descriptions for details on how to use each menu.
|
Terms and Conditions of Use¶
Item |
Contents |
Available Browses |
Mozilla Firefox (the latest version)
Google Chrome (the latest version)
|
Available Languages |
English, Japanese (Language is automatically selected depending on the browser settings.) |
API¶
API Configuration¶
Item |
Descriptions |
API Key |
This is the ID necessary for authentication to enable API access. Authentication by API key enables Customers to access to each resource via API endpoint, and send API requests.
Unique value per user is assigned, and CUstomers can regenerate it as needed.
|
API Secret Key |
This is the secret key necessary for authentication to enable API access. API secret key is needed in conbination with API key.
Unique value per user is assigned, and Users can regenerate it as needed. Also, the API secret key is displayed only once during generation.
|
API Endpoint |
This is the defined URL for API access.
You can control various resources by accessing this URL.The end point of API depends on each region and menu.
|
Note
Enterprise Cloud 2.0 recommends regular API key and API private key updates. Please plan from the following procedure and update the API key. API key update procedure
Menus providing API¶
The menu that is provided by the API is API Reference
Terms and Conditions of Use¶
NTTCom limits the number of API request to ensure the health condition of our infrastructure and Customers’ environment.
“200 requests/second/source IP address” or “1,000 requests/minute/user”
Once the number of API request from Customers exceeds the limit, the safeguard runs on against their API requests and restrict them temporally.
Note
Wasabi object storage is not subject to the above restrictions.
Contract Management¶
Reference / change of contract information¶
Terms and Conditions of Use¶
Workspace management¶
Workspace¶
Workspace management¶
Note
A tenant in an existing workspace cannot be placed in another workspace.
Terms and Conditions of Use¶
User Management¶
User Type¶
User Type |
Access Permission to Management Function |
Access permission of workspace |
Available Number of Users per Contract |
Contract Owner (Super User) |
Access permissions to all the management function of the contract |
Have access permission of all workspaces that belong to that contract |
1 |
Super User |
Access permissions to all the management function of the contract |
After creating a user, set access permission for each workspace. Only the workspace for which the permission is set can be accessed |
199 (Total with Users) |
User |
No Access permission to the management function |
After creating a user, set access permission for each workspace. Only the workspace for which the permission is set can be accessed |
199 (Total with Super Users) |
Add User¶
Note
Business portal users who already have access to all Enterprise Cloud 2.0 contracts will be added as users of that contract when the Enterprise Cloud 2.0 contract is completed. After that, the business portal user who has been granted access to the contract will have the contract at the timing of the first access to the contract or the timing of system synchronization between the business portal and Enterprise Cloud 2.0 (usually once a day). Will be added as a user of.
Note
Customers need the administrative permission of Business Portal for the operation above.
Change of Contract Owner¶
Change User type¶
The functions that only Super users can execute are as follows.
Function |
Overview |
User Management |
It is the permission to refer and manage other users in the contract.
Normal User can only manage by itslef.
|
Workspace management |
Permissions to create, delete, and set access permissions for workspaces. User management permission are also required.
Normal users can only browse workspaces for which access permissions have been set.
|
Manage Billing information |
It is permission to refer the billing information.
A Normal User cannot use this function.
|
API permission management |
It is the permission to create, edit, delete, assign and edit IAM group and IAM role. User management permission is also required.
Normal users can only refer to IAM groups and IAM roles they belong to.
|
Change User type |
Permission to edit user type and operation permission. User management permission is also required.
Normal users can only refer to their own user type and operation permission.
|
Note
The Contract Owner is always an Super User with all permission.
A user with the permission to change user type has strong permission to arbitrarily change the permission of other users in the contract. Please carefully consider this permission carefully when customizing the authority of the Super User.
API permission management¶
API permission management provided by Enterprise Cloud 2.0¶
Note
The GUI provided by Enterprise Cloud 2.0 internally realizes on-page operations by executing the API corresponding to the operations. Therefore, by using this API authority management function, the execution authority on the GUI can be restricted as well.
Item |
Descriptions |
User |
Individual users (administrative users or general users) belonging to the Enterprise Cloud 2.0 contract |
IAM role |
The use terms of API and the conditions to run API are defined in the white list format.
1 IAM role can have multiple authorization API.
|
IAM Group |
Grouping the IAM roles
Serve to characterize the string of the user and the IAM role.
|
As shown in the following figure, a user can belong to multiple IAM groups, the IAM Group is defined by 1 or multiple IAM roles.
Authority definition of IAM role¶
Item |
Descriptions |
ipAddress | Access the original global IP address that is allowed to use |
basePath | API name that is permitted to use |
path | API resource name that is permitted to use |
verb | Method name that is permitted to use |
Default IAM group, default IAM role¶
API Availability¶
Judgment of authority¶
Note
The permission setting by API IAM management is evaluated together with the permission by user type (super user or normal user) and the permission by workspace access permission. For example, the workspace creation operation requires super user privileges, so even if you grant privileges to normal users with the API IAM management function, you cannot execute them. In addition, operations for resources belonging to tenants in workspaces that do not have workspace access permission can be set, but cannot be executed. See the “User Management” chapter for user types and the “Workspace Management” chapter for workspace access permissions.
Terms and Conditions of Use¶
Note
Please check for more detailed procedure How to use API authority management function .
Approval Function¶
Function Overview¶
Cloud/Server Between Tenants Connect
- Flexible InterConnect
Approval request parameters¶
Parameter |
Descriptions |
request ID |
will be automatically granted |
Status |
Current status of Approval Request
Details will be explained in the next section.
|
Approval target ID |
ID indicating approval target
Specify tenant ID, contract ID, user ID by the following types.
|
Approval type |
Actual approval actions can be executed by any user specified by the approval type and the above approval target ID.
The approval types are as follows.
tenant: All users who can access the tenant with the specified tenant ID
tenant_owner: Admin user of the contract with the specified tenant ID
contract: All users belonging to the contract with the specified contract ID
contrct_owner: Admin user of the contrct with the specified contract ID
user: User with the specified user ID
|
Action |
details of action to be execute after approval |
Response deadline of approval request |
Requests that have expired will be in the status of “expired”, and approval etc. can not be executed. |
Approval expiration date |
Expiration date of valid period of approved request
The date and time after 30 days from the approval date are registered and can not be changed.
After this deadline, the action once approved is also invalid.
|
Status of Approval request¶
Status |
Descriptions |
registered |
The state immediately after the approval request is generated by the requesting user |
cancelled |
the state where the requesting user has canceled the approval request
After changing to this status, you can not change to another status.
|
approved |
A state in which the approval request has been approved by the requesting user
This status is retained until the expiration date expires.
|
denied |
The state where the approval request was rejected by the requesting user
After changing to this status, you can not change to another status.
|
expired |
Approval request expired
if the approval request’s response deadline has passed, approval etc. will not be executed, will shift to this status.
|
approval_expired |
Approval expired
Move to this status if the expiration date of the specified approval has passed.
|
Notification of approval request¶
Billing Management¶
View Billing Statement¶
Terms and Conditions of Use¶
Notification settings management¶
Note
This setting may not be applicable to some menus. Please refer to the support information of each menu.
Email notification category |
Contract delegate user
|
Non-contract user
|
Notification content
|
Notice / Release Information
|
✔
|
✔
|
Announcement concerning notice of new menu / function addition etc., specification change etc.
|
Malfunction
|
○ (Unchangeable)
|
○※
|
Notification on Failures
(*) Users other than the contract owner user will be notified if they have access to the corresponding workspace.
|
maintenance
|
✔
|
○※
|
Notification on Maintenance
(*) Users other than the contract owner user will be notified if they have access to the corresponding workspace.
|
From the initial state above, the user can select the mail that it receives (you can check out the mail you do not want to receive)
However, the contract representative user can not change the reception of the failure notification
An administrative user with user administration authority can manipulate the reception selection of other users
In addition to the above, we may send a notification email about the terms and conditions and charges to the contract person (the person in charge email address entered on the online sign-up page of the new application for Enterprise Cloud 2.0).