Update Dryad

We will soon be rolling out Update Dryad which is a major system update with significant new functionality for enStratus. Major enStratus updates all center around a specific theme. The theme for Dryad was "user management".

One of the strengths of enStratus has been the ease of user management in the platform. It's one of the oldest elements of the system, and we used Update Dryad to significantly move our user management forward. Dryad introduces:

• User groups (users can be in one or more groups)
• Roles, with each group assigned a specific role on an account-by-account basis
• Comprehensive access rights management for roles

Once the upgrade is complete, you will have four user groups attached to four roles of the same name in each account. These groups and roles match up to the old Admin/Server Manager/Configurator/Reports permissions.

 

You can immediately begin customizing the system to suit your needs.

First, you define roles to encapsulate a set of access permissions. An access permission defines an action on a resource type with an optional qualifier. Qualifiers limit the scope of an action on a resource. For example, you can define a permission like:

SERVER/Terminate/MINE

That permission means that anyone tied to that role can terminate only servers they launched. You can also qualify an action based on group membership or billing code.

Why the separation between roles and groups? Within the next couple of months, we will introduce ActiveDirectory and LDAP integration. User membership in groups will be governed by your AD or LDAP management policies. Access to enStratus resources for customers leveraging AD or LDAP integration will thus be governed by tying an AD/LDAP group to an enStratus role. Users and groups will be "read-only" in enStratus for such customers.

A few weeks ago, we introduced our plans for the finance view into the system. Our next major update, Update Efreet, is focused entirely on the finance view of the system. We set the foundation for the finance view, however, in this release:

• You can define a set of billing codes and associate resources with those codes for tracking cloud usage/billing
• You can view your enStratus invoices from inside the console

To help with compliance, we've exposed more of our underlying audit capabilities in the form of Firewall change log reporting. From the reports console, you can view all firewall rule changes that have been made to the firewalls in your account, including changes made outside of enStratus. It also provides for a CSV download of your firewall change log. We also now send an alert any time a firewall rule changes.

Other changes in this release include:

• Support for AWS load balancers
• Greater ability to control AWS auto-scaling rules from the UI
• Beta support for SAML 2.0 authentication
• Configurable named networks and services to make firewall management easier
• Support for Terremark vCloud Express
• Greater ability to control alert preferences