The HPE GreenLake for Authorization service enables you to programmatically manage access control within your HPE GreenLake environment. This service serves as the central authority for determining who can access what resources across the HPE GreenLake cloud, ensuring that only authorized users can perform specific actions on protected resources.
This service applies only to workspaces with enhanced Identity and Access Management (IAM) enabled. To learn about about configuring enhanced IAM workspaces, see Creating your company workspace.
- Manage roles
- Manage user role assignment
- Manage scope groups
When you assign a role to a user, you can constrain the role assignment to provide access to only a subset of the resources available in a workspace.
A role assignment consists of a subject, such as a user or user group, the role the subject is assigned, and a scope. The scope determines the resources to which the role privileges apply. A scope defines a subset of the resources available in a workspace. Some roles can only be scoped to the entire workspace, that is, the role privileges apply to all the resources in the workspace. Other roles can be scoped to either the entire workspace or to a subset of the resources in the workspace.
A scope group consists of one or more scopes. When you assign a role to a subject, you can set the scope of the role assignment to one or more scope groups which constrains the permissions granted to the subject to the scopes in the scope groups.
Date: 2025-11-07
The initial public release of the HPE GreenLake for Authorization API.
View the changelog for more information