As a Tenant Owner, you can invite other members to your tenant, and control the roles and permissions for other members of your tenant.
Naturally, Aserto uses an Aserto authorization policy to manage access to the Aserto APIs that expose Aserto's functionality (including through the Console and CLI).
The Aserto roles are described here.
On the main navbar, you'll find the Tenant Dropdown. In this dropdown, you'll find all of the tenants that you have access to. To switch a tenant context, simply choose a tenant name from the dropdown:
To manage the currently selected tenant, choose the Manage tenant menu item from the dropdown.
To invite a new user to a tenant, go to Manage Tenant screen, click the Invite member... button, and enter their email. If the user exists in the Aserto directory, they will be invited to join the tenant as a Viewer. If they don't yet have an Aserto account, they will be invited to create one and change their password.
You can set the role for the new user by selecting a value from the dropdown. By default, the user is invited to a tenant as a Member. Once a new user has accepted an invitation, a Tenant Owner can change their role.
If a tenant invitation isn't accepted or declined within a week, that invitation will expire.
A tenant owner can view the status of invitations, and cancel invitations that are still pending.
Once a new member has accepted their invitation to join a tenant, as a tenant owner, you can change the role of that user in the context of this tenant using the role dropdown.
As a tenant owner, you can remove a member from a tenant by selecting the Remove member from tenant item in the role dropdown. Also, as a member of a tenant, you can remove yourself from the tenant using the same menu item, unless you're the last remaining owner.
Every tenant must have at least one owner.