Knowledge Base  /  Release Notes  /  2014
Knowledge Base  /  Release Notes  /  2014

Cloud Platform - Release Notes: November 12, 2014

Updated by Richard Seroter on Nov 12, 2014
Article Code: kb/926

New Features (2)

  • New Role-Based Access Control Services. Lumen Cloud has launched an upgraded user security model that cascades throughout the UI and v2 API. These 8 roles map to unique personas within an organization and help customers apply a least-privilege approach to their cloud environment. A user can be part of multiple roles, and the Control Portal user interface recognizes which role(s) a customer has and adjusts accordingly. For a deep dive description of the permissions assigned to each role, view the Permission Matrix KB. Also, review the Roles FAQ and migration guide for more details. Below is a brief description of each role:
    • Account Administrator can perform any provisioning and management tasks available in the cloud platform. 
    • Server Administrator cannot change account-level settings or some networking services, but has full permission to create and manage virtual server infrastructure.

    • Server Operator has day-to-day management permissions but cannot add public IPs, create load balancer pools, or change policies.

    • Security Manager can change account settings, user permissions, and firewall policies, but cannot build or manage virtual resources.

    • Network Manager can configure and maintain network settings like DNS, VPNs, vLANs, and firewall policies.

    • DNS Manager has permission to manage DNS zones.

    • Billing Manager has access to billing history and payment information.

    • Account Viewer has read-only access to all aspects of the cloud platform, and cannot initiate changes or create resources.

  • Feature Flags. The platform now supports data center-level "feature flags" that make it possible to turn capabilities on and off on a per-DC basis. This helps private cloud customers (and potentially public cloud customers) control which capabilities are available to their users. Initial feature flags exist for: premium storage, shared load balancer, site to site VPN, client VPN, and public IP addresses.

Minor Enhancements (5)

  • Server (Beta) out of Beta. The classic groups/server page is now retired in favor of the new Servers user interface. The page URL has changed as well, but all existing server links will seamlessly redirect.
  • Global Search index changed. The Global Search has been further tuned, and we have temporarily removed the following items from the results: group name, group description, VLAN name, public IP addresses, blueprint name, blueprint package name.
  • Payment details available via v1 API. The v1 API was updated to return the payment details on the new GetResponsibleBillingAccount call.
  • Create users with new roles via v1 API. Customers who currently provision users automatically via the v1 API can set values related to the newly released roles.
  • Get public IP from server details page only. We've retired the "add public IP" button from the "IP Addresses" page and now have a consolidated place to set and manage public IP addresses. Visit the details page for a given server and easily set and change public IP address settings.