SquaredUp adheres to the role-based access control (RBAC) within SCOM. A SCOM user accessing SquaredUp will automatically be restricted to only what their SCOM permissions / RBAC allows them to see. This is true for everything within SquaredUp, whether that's dashboards, performance reporting, individual objects and so on.
For example, if a user accesses a dashboard that contains items that his RBAC do not permit him to access, then those will not be visible to him within SquaredUp. These users will each consume one of the Named User licenses that you have purchased.
- Administrators can edit, create and delete dashboards in SquaredUp, and run tasks such as maintenance mode.
- Authors can edit Company Knowledge.
- Operators can edit and delete alerts and run tasks. See How to allow SCOM Operators to edit Company Knowledge
- Read Only Operators can drilldown on dashboards, but cannot edit/delete alerts or run tasks.
This TechNet article lists the SCOM roles and permissions: https://technet.microsoft.com/en-gb/library/hh872885.aspx
While users without SCOM access cannot log in to SquaredUp, they can view Open Access Dashboards.
By default any SCOM user logging on to SquaredUp has access to view pages, but only SCOM admins can create pages and perform other administrative tasks. Team folders allow permissions to be configured to control viewing and authoring dashboards and their navigation structure.
Only SCOM administrators are able to carry out the following in SquaredUp:
- Create and edit perspectives
- Create or delete a Team Folder
- Write SQL queries
- Add new Web API providers, including Application Insights and Log Analytics providers
- Add or edit Web API, Azure Application Insights and Log Analytics tiles
- Edit global navigation
- Clone a dashboard in the Everyone pack. Team folder authors can only clone a dashboard if they have author permissions to that folder, as it is first saved to that folder. They can then copy it to any other folder to which they also have author permissions.