Updates Jam: Security. Administration. Web UI.

We continue to enhance our Maestro solution. With this blog post, we would like to cover the improvements int the security of the application, Administration functionality and Maestro UI.

Security

Security updates covered a wide range of changes. Our major improvements are the following:
  • Permissions mechanism was restructured to provide clear and effective permission management. It now consists of three levels of entities: Role, Permission Group, and Action. Each User Role includes Permission Groups, each Permission Group includes Actions, each Action corresponds to some action that the user can perform in Maestro. 
 
  • Permissions can be assigned on different levels, such as Customer, Tenant, Project, and User. For each user, the highest-priority setting is applied, which is suitable for every individual situation. For example, Project Role settings will overlap Tenant Role settings. User email settings, if any, will override settings of any other level. The general Priority level is displayed on a scheme below.
  • Resource permissions sharing functionality was implemented, allowing the instance owner to transfer ownership rights on the instance to another user or give/change permissions to manage the instance to other users.

  • The new security scan tool, Qualys, is introduced for constant monitoring over virtual infrastructures in all supported clouds. You can initiate the Qualys security scanning via the Content View window on the Management page.
  • Account expiration functionality was implemented to intensify the security of accounts. It can also be used as a temporary solution to demonstrate the application functionality to a particular user.
  • M3 Server Security level is enhanced by securing access to it only by using credentials. Only users who have the respective credentials can now have access to review and modify processes on the m3_server.

Maestro Administration

The m3_admin API functionality was implemented, providing a standardized and commonly used way to review and manipulate the admin part of Maestro via the HTTP interface and allowing third-party services to easily configure Maestro: activate/deactivate tenants or regions, add new users, etc. 

Web User Interface

The modal windows functionality was implemented, displaying
  • Confirmation message, appearing when you click an action button and asking to confirm the action;
  • System message, providing additional information on a necessary action to be performed.

We started to implement the localization functionality, to support the translation of our solution into different languages for a wider audience.
At the moment, the Spanish localization is available. Russian and Portuguese languages will be implemented with future releases.  

We’ve been constantly improving our solution, enhancing security and functionality, making the UI part user-friendly and intuitively understandable, to provide the best services.

Follow our blog to get more news on our project.
=)

Comments

Post a Comment

Popular posts from this blog

Maestro Analytics: Essentials at the Fingertips

Image
Infrastructure analytics is one of the cornerstones for effective cloud management. Each cloud provider offers its own set of features and services for such purpose. We can say that AWS QuickSight, Google Data Studio, and Microsoft BI are among the top of the native analytics and BI offerings. They are deeply integrated into their native infrastructures, provide the detailed review of the infrastructure state, events and cost, and allow to take a deep dive into details, being powered by strong internal mechanisms and AI/ML engines. However, in many cases they provide a huge volume of data which needs a BI expert to cope with, as well as may have limited customization possibilities in terms of the covered data scope. Also, if you use more than one cloud, or have private datacenters, the fact that each of these tools is limited to its vendor, may be a reason for you to find a third-party analytics tool. Here is where you may consider solutions such as CloudHealth, AppOptics, or IBM C
Read more

Maestro: Greeting the Green Dragon

Image
The year is coming to the end, and it's high time for our traditional lookback on Maestro evolution, changes, and important events. The year of 2023 has been dynamic and full of updates, both technical and strategic.  We kept to our previous commitments , meanwhile adjusting to the new trends in Cloud and technologies in general.  We met our user's expectation and need for  cross-cloud FinOps, automated infrastructure analytics, security assessment and the "Fix it" button , aimed to simplify issues remediation. We also took into account the rising demand for  Open Stack-based resources, Cloud Native approaches,  AI/ML integrations .  As a result, we came up with our standard "six release per year" cycle, highlighted with the following milestones: Maestro Insights With the ML technologies growth, the amount of services offering infrastructure recommendations and analytics, grow. This is true for the public cloud providers' native services, as well as thir
Read more

Maestro Orchestrator: Product? SaaS? Framework!

Image
In 2012, EPAM Cloud Orchestrator was created as a cloud solution for the EPAM Systems community. It appeared when the issue of redesigning the growing infrastructure of more than 500 projects became critical. After a thorough analysis of the existing solutions, EPAM experts had to admit that none of them fit the company needs. However, that was not a problem but a challenge. If no perfect solution existed, EPAM created its own from scratch. In six years, EPAM Cloud Orchestrator evolved into a true hybrid cloud with over 8000 virtual machines in hundreds of projects. In addition to its basic function - hosting virtual resources - it supports a number of related components helping the users to be in full control of their virtual infrastructures, such as audit, monitoring, billing, reporting. Meanwhile, a time has come to go out of the box of an enterprise solution and meet the market. This is how the new generation of EPAM Cloud Orchestrator - Maestro was born. Maestro is
Read more