Skip to main content
BlueXP setup and administration

Organize your resources in BlueXP IAM with folders and projects

Contributors netapp-bcammett netapp-tonias
PDFs

BlueXP identity and access management (IAM) enables you to organize your NetApp resources using projects and folders. A project represents a workspace in BlueXP that organization members access to manage resources (for example, a Cloud Volumes ONTAP system). A folder groups related projects together. After you organize your resources into folders and projects, you can grant granular access to resources by providing organization members with permissions to specific folders and projects.

Add a folder or project

When you create your BlueXP organization, it includes a single project. You can create additional projects to manage your organization's resources. You can optionally create folders to group related projects together.

About this task

Your organization's resource hierarchy can have up to 7 levels, with nested folders down to 6 levels and projects at the seventh level.

The following image illustrates the maximum depth of your organization's resource hierarchy:

A screenshot that shows an organization

Steps

  1. In the upper right of the BlueXP console, select The settings icon which displays in the top right of the BlueXP web console. > Identity & Access Management.

  2. From the Organization page, select Add folder or project.

  3. Select Folder or Project.

  4. Provide details about the folder or project:

    • Name and location: Enter a name and choose a location in the hierarchy for the folder or project. A folder or project can reside directly underneath the organization or within a folder.

    • Resources: Select the resources that you want to associate with this folder or project.

      You can select resources associated with the parent folder or project: all resources for an organization parent, or folder-specific resources for a folder parent.

      Learn when you might associate a resource with a folder.

    • Access: View the members who will have access to the folder or project based on the existing permissions already defined in your resource hierarchy.

      If needed, select Add a member to specify additional organization members who should have access to the folder or project and then select a role. A role defines the permissions that members have for the folder or project.

      Learn about predefined IAM roles.

  5. Select Add.

Obtain the ID for a project

If you're using the BlueXP API, you might need to obtain the ID for a project. For example, when creating a Cloud Volumes ONTAP working environment.

Steps

  1. From the Organization page, navigate to a project in the table and select An icon that is three side-by-side dots

    The system displays the project ID.

  2. To copy the ID, select the copy button.

    A screenshot of the folders and projects table that shows the project ID after selecting the action menu for a project.

Rename a folder or project

If needed, you can change the name of your folders and projects.

Steps

  1. From the Organization page, navigate to a project or folder in the table, select An icon that is three side-by-side dots and then select Edit folder or Edit project.

  2. On the Edit page, enter a new name and select Apply.

Delete a folder or project

You can delete the folders and projects that you no longer need.

Before you begin

  • The folder or project must not have any associated resources. Learn how to disassociate resources.

  • A folder must not contain any subfolders or projects. You need to delete those folders and projects first.

Steps

  1. From the Organization page, navigate to a project or folder in the table, select An icon that is three side-by-side dots and then select Delete.

  2. Confirm that you want to delete the folder or project.

View the resources associated with a folder or project

To verify that your resources are organized appropriately and accessible to the right members in your organization, you can view which resources and members are associated with a folder or project.

Steps

  1. From the Organization page, navigate to a project or folder in the table, select An icon that is three side-by-side dots and then select Edit folder or Edit project.

    A screenshot of the Organization page that shows the Edit project option when selecting the action menu for a project in the table.

  2. On the Edit page, you can view details about the selected folder or project by expanding the Resources or Access sections.

    • Select Resources to view the associated resources. In the table, the Status column identifies the resources that are associated with the folder or project.

      A screenshot of the Edit project page that shows the available resources that you can associate or disassociate with the project.

Modify the resources associated with a folder or project

Members with permissions for a folder or project can access its associated resources.

Before you begin

Learn when you might associate a resource with a folder.

Steps

  1. From the Organization page, navigate to a project or folder in the table, select An icon that is three side-by-side dots and then select Edit folder or Edit project.

  2. On the Edit page, select Resources.

    In the table, the Status column identifies the resources that are associated with the folder or project.

  3. Select the resources that you'd like to associate or disassociate.

  4. Depending on the resources that you selected, select either Associate with the project or Disassociate from the project.

    A screenshot of the Edit project page that shows the Associate resources option that is available after you select resources that aren't currently associated.

  5. Select Apply

View members associated with a folder or project

  • Select Access to view the members who have access to the folder or project.

    A screenshot of the Edit project page that shows the members who have access to the project.

Modify member access to a folder or project

Modify member access to ensure the right members can access the associated resources.

Member access provided at a higher hierarchy level cannot be changed at lower levels. You need to switch to that part of the hierarchy and update the member's permissions there. Alternatively, you can manage permissions from the Members page.

Learn more about role inheritance.

Steps

  1. From the Organization page, navigate to a project or folder in the table, select An icon that is three side-by-side dots and then select Edit folder or Edit project.

  2. On the Edit page, select Access to view the list of members who have access to the selected folder or project.

  3. Modify member access:

    • Add a member: Select the member that you'd like to add to the folder or project and assign them a role.

    • Change a member's role: For any members with a role other than Organization Admin, select their existing role and then choose a new role.

    • Remove member access: For members who have a role defined at the folder or project for which you're viewing, you can remove their access.

  4. Select Apply.