Portal Security Roles

Portal administrators manage the DHS subscription and service instances.


Role	Identifier	Description
Service Administrator	SERV-ADMIN	Permits an administrator: To subscribe to the MarkLogic Cloud Service. To manage networking (restricted capabilities). To provision service instances.
Account Administrator	ACCT-ADMIN	Permits an administrator: To track and view billing, usage, and so on. To assign the Service Administrator and Security Administrator roles to other users.
Security Administrator	SEC-ADMIN	Permits an administrator: To configure the VPC. To define new roles that inherit from preconfigured roles. To assign and revoke DHS portal roles to users. To assign DHS instance roles to users. To reset passwords for other users. If your instance is configured to use LDAP authentication, this role is mapped to the LDAP group from your Active Directory (AD) server.

Note: The first user to log into the AWS portal is automatically assigned all three roles: Account Administrator, Service Administrator, and Security Administrator. Additional users who log in from the AWS Marketplace are restricted, until the first user assigns roles to them.