Perhaps you have your Abiquo cloud platform deployed across continents and each of your regions has their own IT team to manage the infrastructure.

Maybe your MSP follows a model where an account manager is responsible for a set of enterprises only.

Or maybe your company resells your infrastructure to third-parties and they sell cloud services to end users.

Moreover, your company has probably created different tiers based on service levels. Almost certainly you organize your IT group to define different levels of security. Perhaps some administrators can only manage development systems, while others can manage the production environment, and so on.

All of these examples are use cases of Administration Scope, a new feature in Abiquo 2.2. Administration Scope limits a user to a set of enterprises and/or datacenters. So you can create administrators for customers and/or regions, delegating administration, and improving security and control. At Abiquo, we are focused on improving operational efficiency, because this is a key point in the success of an IaaS platform. And this new feature is a further step towards our goal.

From a functional and technical perspective, this feature is another level in our fine-grained Privilege system because it adds scope criteria to Roles. Using Administration Scope, you can restrict infrastructure management by a set of datacenters and enterprise management by a set of Enterprises. Together with the other administration control features (manage all privileges and create system-wide and enterprise roles), Administration Scope allows our customers to implement the customized security control that they require.

Here is the documentation of the Administration Scope feature. We hope that you will find it useful! Note that this links to our latest version, 3.4, rather than 2.2 which was released at the time of the original post.

http://wiki.abiquo.com/display/ABI34/Manage+Scopes

O