Create and Manage Resellers

You can configure a reseller role with control over a limited amount of cloud resources, using the restriction sets. Comparing to cloud administrators, resellers have admin permissions within a specific part of the cloud. The reseller's users have the same permissions as regular OnApp users. This section contains information on how you can configure the reseller role. 

The reseller role is limited only to the part of the cloud assigned to the reseller by the cloud administrator. Resellers have no influence on the cloud as a whole. This section describes the steps the cloud administrator needs to perform to configure the reseller role. After resellers are granted access to the cloud, they can manage the Look&Feel options of OnApp Control Panel according to their preferences.

To implement and use the reseller instance, cloud administrator must create and tie together the following:


Create Reseller Role



The cloud administrator creates a reseller role. This process is similar to creating other roles in OnApp. For more information on how to create the reseller role, see .Create New Role

We recommend that the cloud administrator grants the reseller full access to all resources, excluding the following permissions:

  • Restrictions Resources group
  • Restrictions Sets group
  • Create/update/destroy role
  • Create new zones or resources


Create Restrictions Set



The restrictions set specifies to which resources in the cloud the reseller will have the limited access. If you do not limit a particular resource, the reseller will have unlimited admin-like access to it. When creating a restrictions set, you tie the role to which a reseller user is assigned with the limitations configured in this set. For information on how to create a restriction set, see Create and Manage Restriction Sets


Create Bucket



Create a bucket for the reseller and specify the limits and prices for the resources. For more information, see Configure Resource Allocation And Prices

If the restrictions for the reseller role are set based on the bucket approach, then the bucket of the reseller works differently from typical OnApp buckets. In typical ones, if the resources are not added, users assigned to such a bucket will have access to unlimited resources. In case of a reseller, if some resources are not added to the bucket, the reseller will have no access to that resource.

Create User Group



To tie the restrictions set with the end users of the reseller and their resources, create a user group and add there the appropriate user roles. 

During the user group creation process, the cloud administrator:

  • Adds the reseller role and the roles requested by the reseller to the group
  • Adds the reseller's bucket to the group

For more information on how to create a role, see Create New Role.


Create Reseller Account



Create a reseller account:

  • Assign the reseller role to this account
  • Assign the reseller's bucket to this account
  • Add the reseller to the user group created earlier

For more information on creating users, see Create User.


Create Other Roles Required by Reseller



Create the roles which the reseller requires so that they could add their own users based on it, as the reseller cannot create new or update existing roles. This process is similar to creating other roles on OnApp. For more information, refer to Create New Role section. All further corrections to the roles are performed by the cloud administrator. Therefore, it is important that the resellers inform the cloud administrator what functionality they require for users to have access to.


Billing for Reseller and Reseller's Users



The reseller and the reseller's users are billed separately according to the limits and prices configured in their buckets. The limits and prices set in the reseller's bucket do not affect the limits and prices set in the corresponding user's bucket and vice versa. 

If resellers have particular compute/datastore/backup/network zones added to the bucket's Access Control and their users have the corresponding zones restrictions controled by the bucket, only those zones that are added to the reseller's bucket will be available to the end users. Therefore, the following restricted resources for end users depend upon compute/datastore/backup/network zones added to the reseller's bucket:

  • Compute Zones (By bucket resources)
  • Data Store Zones (By bucket resources)
  • Backup Server Zones (By bucket resources)
  • Network Zones (By bucket resources)