We want to create a group in admin console, e.g. "Our Admins", so we can assign users and product profiles in the central admin console and have the users we add to this group be admins on one or more of our 7 AEM cloud instances (dev, test, uat, stage, prod etc.).
We could make ourselves administrators of all 7 environments, go into each one in turn, and add the built in groups, such as:
to our custom group, but this is difficult to maintain, as we might forget one env, or have to change them on all evs.
Presumably, there is a way to do this via OSGi config, or possibly with some sort of package sync?
Any ideas?
Solved! Go to Solution.
Views
Replies
Total Likes
Option-1:
Every env in Cloud has an Admin Product profile. One could create a group and assign the relevant product profiles. The Admin profile already grants a lot of access. You might not need to add more groups to it.
Option-2:
There are multiple options to inherit the OOTB groups in IMS groups
# Add members to groups
add administrators,user-administrators user2 to group grpA
https://sling.apache.org/documentation/bundles/repository-initialization.html
Option-3:
Netcentric ACL Tool enables to deploy Group association via YAML files in code base
https://github.com/Netcentric/accesscontroltool
Yes, we have been trying that, but its completely broken, and Adobe cant fix it. Its unusable.
We need to some how do it manually, although setting up permissions in adobe is very complicated.
We have been using AEM for nearly a year, and we have yet to find a way to reliable assign permissions to give users access to each env due to bugs in AEM/IMS.
Hi @TB3dock ,
You can make use of Repository Initializer to create groups and assign permissions
PFB link
https://sling.apache.org/documentation/bundles/repository-initialization.html
Hope this helps!!
Thanks
Option-1:
Every env in Cloud has an Admin Product profile. One could create a group and assign the relevant product profiles. The Admin profile already grants a lot of access. You might not need to add more groups to it.
Option-2:
There are multiple options to inherit the OOTB groups in IMS groups
# Add members to groups
add administrators,user-administrators user2 to group grpA
https://sling.apache.org/documentation/bundles/repository-initialization.html
Option-3:
Netcentric ACL Tool enables to deploy Group association via YAML files in code base
https://github.com/Netcentric/accesscontroltool
Views
Likes
Replies