Larger projects with many users require effective management at scale in tiCrypt. In a scaling scenario, both admins and super-admins must know how to:
- Manage multiple users simultaneously in a large number of projects.
- Make bulk changes in the user's status.
- Adopt global changes in the system when needed.
- Manage bulk changes in the tiCrypt backend.
- Proactively make use of bulk VM actions.
In this blog, we provide a set of tiCrypt features that allow you to streamline the process to maintain a significant number of projects at scale.
Global Management at Scale
Most of the time, the System Admins and Project Investigators take over the extensive project responsibilities. The scope of global management is to perform bulk actions with less effort and to enhance data consistency, avoiding human error.
The tab allows admins and project managers to be creative about their projects. Many of the tiCrypt features were designed to leverage power to the management teams allowing various bulk actions to occur.
Make Global Announcements
Before deploying large projects to all admins or sub-admins may be required to set up a management infrastructure. The global announcement feature allows Project Managers and Admins to send secured global messages within the system.
To make a global announcement to all users or admins navigate to the tab in the Users
section.
- Click the
Make announcement
button in the top left corner. - Follow the instructions from Make Global Announcement section.
Management User Profiles
The User Profiles in tab is a powerful tool for creating personas. They are a way to tag users without altering their default permissions settings.
Scenario: Suppose you manage a large project with 1000+ users.
You must organize the users in categories based on your management requirements, project compliance and level of access. It is tedious and time-consuming to organize 1000+ users manually.
As a result, tiCrypt allows you to use the User Profiles feature to create your own user/admin avatar. Each user profile includes custom roles and permissions to allow unique actions and events during the project deployment.
Once the user profiles are created, they can be applied in bulk to project or team members, whichever is the case.
Use this feature with high caution only if necessary. Hazardous use of permissions can block certain unpredicted actions for users assigned the user profile.
Learn more about User Profiles in the User profiles example section.
To create a user profile navigate to tab in the User Profiles
section.
- Click the
Create new user role
button in the top right. - Follow the instructions from Create User Profile section.
Apply Profiles in Bulk
Once you built your desired user profiles in management, you can apply them to users in bulk.
To apply profiles to users navigate to tab in the Users
section.
- Select the users you would like to apply profiles to.
- Click the
Apply profile
button in the top right. - Follow the instructions from Apply Profile section.
Bulk Email
In a large project, communication is crucial. tiCrypt offers alternative ways to communicate via email, allowing admins to all project member emails or them at a click of a button.
To bulk email users navigate to the tab in the Users
section.
- Select the users you would like to bulk email.
- Click the
Bulk-email
button in the top right. - Follow the instructions from Bulk Email section.
Bulk Refresh Users Information
If a large number of Users is updated at different times and you want to build a report of them for audit purposes. You can use this option to bulk refresh all user data.
To bulk refresh users information navigate to tab in the Users
section.
- Select the users you would like to refresh information for.
- Click the
Refresh user(s) info
button in the top right. - Follow the instructions from Refresh User Info section.
Add Multiple Certifications
Adding multiple certifications at once can automate management efforts. This feature allows admins and project managers to certify multiple users for a security requirement within a security level of a tagged (classified) project.
To add multiple user certifications to users navigate to tab in the Users
section.
- Select the users you want to add the certifications to.
- Click the
Add certification
button in the top right. - Follow the instructions from Add Certification section.
Bulk Mark Certifications as Expired
Whenever a project requirement changes or is updated, admins and project managers can turn off the access for all project members to a security level by marking their certifications as expired.
To mark multiple user certifications as expired navigate to tab in User Certifications
section.
- Select the user certifications you want to mark as expired.
- Click
Mark as expired
in the top right. - Follow the instructions from Mark Certification As Expired section.
Add Multiple Users to a Project
Significant project processes may require adding many users to a project; this can be achieved using the bulk Add to project option.
To add multiple users to a project navigate to tab in the Users
section.
- Select the users you want to add to a project.
- Click the
Add to project(s)
button in the top right. - Follow the instructions from Add to Project section.
Add Users to Multiple Projects
Large projects with multiple subprojects may require admins and project managers to add many users with similar roles in the projects. This action can be sped up using the Add members to projects option.
To add multiple users to many projects navigate to tab in the Projects
section.
- Select the projects you would like to add users to.
- Click the
Add memeber(s)
button in the top right. - In the prompt, type the name of the members you want to add to the selected projects.
- Click the button on the right.
- Scroll down then optionally, type an expiration date for the users in the project.
- Next, select user roles in the projects.
- Select user restrictions in the projects.
- Select whether you want to skip or update their expiration in the projects.
- Click .
Assign Subadmins to Multiple Projects
Successful project managers and admins are often supported by successful sub-admins. tiCrypt allows admins to assign projects in bulk to sub-admins.
To assign a projects to subadmins navigate to the tab in the Projects
section.
- Select the projects you want to assign to the sub-admins.
- Click the
Assign project to Sub-admin(s)
button in the top right. - Follow the instructions from Assign Projects to Subadmins via Projects section.
Change Roles in Bulk
Changing roles to multiple users may be a rare scenario. However, tiCrypt allows admins and super-admins roles to change other users' roles simultaneously.
To change the users roles navigate to tab in the Users
section.
- Select the users you would like to change the roles of.
- Click the
Change role
button in the top right. - Follow the instructions from Change Role section.
Change States in Bulk
In the case when users leave the organization indefinitely, you can change their states to inactive in bulk. This option also helps you to onboard new users by setting in bulk their states to active and escrow on the next login.
To change state of users navigate to tab in the Users
section.
- Select the user(s) you would like to change state of.
- Click the
Change state
button in the top right. - Follow the instructions from Change State section.
Disable Multiple Accounts Until
When multiple users have gone on holiday or overseas, certain compliance factors may require you to prevent their access to the project. You can use the Disable account until option to pause their access for a limited time and automatically resume it later.
To disable users account until a specified date navigate to tab in the Users
section.
- Select the user(s) you want to disable the account of.
- Click the
Disable account until
button in the top right. - Follow the instructions from Disable Account Until section.
The practical difference between Change state
of users to inactive and using the feature Disable account until
is the inactivity period. If users leave for a short time, you should use the Disable account until
feature if they are likely to never come back you can Change state
of users to inactive and eventually delete them.
Bulk Delete Objects
As a super-admin, you can bulk delete the majority of the objects in tiCrypt; however, you cannot delete anything that is cryptographically enhanced (i.e., Groups, VMs, Drives, Etc.) unless you are the owner of them.
To bulk delete any objects navigate to any of the following tabs ,, in any section or sub-tab.
- Select the object you would like to delete.
- Click the
Delete
button usually in the top right. - In the prompt, click .
- Alternatively, click to confirm the deletion.
View a specific example to Bulk delete VM configurations.
Bulk Export in JSON or CSV
Admins and project managers can bulk export data in JSON
or CSV
format in the and tabs.
The export options are globally displayed for most tiCrypt objects.
To bulk export in JSON or CSV any objects navigate to any of the following tabs , in any section or sub-tab.
- Select the object you would like to export.
- Click either the CSV Export option or the JSON Export option.
- Finally, click one of the following export quantities:
- All items.
- Visible items.
- Selected items.
Bulk Change Host States
Changing host states in bulk is to manage how extensive VMs infrastructure would connect to them. When hosts may need maintenance or updates that require all VMs to be disconnected from them, super-admins can use this option.
To change the state of a host navigate to the tab in the Hosts
section.
- Select the host you would like to change the state of.
- Click the
Change state
button in the top right. - Follow the instructions from Change Host State section.
Bulk Check Host Utilizations
The Check host utilization option is bulk by default. This checks all hosts of the system, allowing super-admins to verify the flow of resources in the host.
To check utilization of a host navigate to the tab in the Hosts
section.
- Select the host where you would like to check the utilization.
- Click the
Check utilization
button in the top right. - Follow the instructions from Check Host Utilization section.
Bulk Shutdown VMs by Hosts
Similarly to admins changing host states to inactive, you can bulk shut down VMs by hosts. This action allows for a complete shutdown of all VMs of a host in urgent situations.
Please be aware that using this option will turn off all VMs of the host; all unsaved work in the VMs may be lost.
To shutdown all VMs of a host navigate to the tab in the Hosts
section.
- Select the hosts where you would like to shut the VMs down.
- Click the
Shutdown all VMs
button in the top right. - Follow the instructions from Shut Down All VMs in Host section.
Bulk Manage Hardware Setups Access
To bulk manage access in VM Hardware Setups navigate to the tab in the Hardware Setups
section.
- Select the VM Hardware Setups you would like to manage the access of.
- Click the
Manage Access
button in the top right. - Follow the instructions from Manage Hardware Setups Access section.
Bulk Change Hardware Setups Images
To bulk change the image in VM Hardware Setups navigate to the tab in the Hardware Setups
section.
- Select the VM Hardware Setups you would like to change the image of.
- Click the
Change Image
button in the top right. - Follow the instructions from Change Hardware Setups Images section.
Bulk Replace Hardware Setups Instructions
To bulk replace instructions in VM Hardware Setups navigate to the tab in the Hardware Setups
section.
- Select the VM Hardware Setups you would like to replace the instructions for.
- Click the
Replace Instructions
button in the top right. - Follow the instructions from Replace Hardware Setups Instructions section.
Bulk Set Projects in Running VMs
Some significant projects demand multiple VMs to be connected to them. You can bulk tag numerous VMs to a project simultaneously.
To set projects in running VMs navigate to the tab in the Running VMs
section.
- Select the running VMs to which you would like to set the projects.
- Click the
Set Project
button in the top right. - Follow the instructions from Set Projects in Running VMs section.
Bulk Shut Down Running VMs
When a project is complete and data is saved on drives, the VMs are no longer in use hence you can bulk shut down them.
To shut down running VMs navigate to the tab in the Running VMs
section.
- Select the connected VMs you want to shut down.
- Click the
Shut down
button in the top right. - Follow the instructions from Shut Down Running VMs section.
Bulk Power Up Service VMs
When starting a large project, VMs in place for service may be powered up simultaneously.
To bulk power up Service VMs navigate to the tab in the Service VMs
section.
- Select the service VMs you would like to power up.
- Click the
Power Up
button in the top right. - Follow the instructions from Power Up Service VMs section.
Bulk Fetch Libvirt XML description of Service VMs
Super-admins can view the difference between each Service VMs's XML description.
To bulk fetch the Libvirt XML description navigate to tab, in the Virtual Machines
section.
- Select the connected VMs you want to view the Libvirt XML description of.
- Click the
Three dots
button in the top right. - In the prompt, click the
Libvirt XML Description
option. - Follow the instructions from View Libvirt XML Description of Running VMs section.
Bulk Restart Controllers of Service VMs
Service VMs controllers may be restarted in bulk to fix errors or update changes in the VM controllers.
To restart controller in Service VMs navigate to the tab in the Service VMs
section.
- Select the service VMs you would like to restart the controllers of.
- Click the
Restart
button in the top right. - Follow the instructions from Restart Controller section.
Bulk Execute Snapshot (Incremental) Backups
To perform a bulk incremental backup navigate to the tab in the Backup Domains
section.
- Select the domains you want to perform the backups for.
- Click
Snapshot (incremental backup)
in the top right. - Follow the instructions from Perform Domain Incremental Backup section.
Bulk Execute Checkpoint (Full) Backups
To perform bulk full backup navigate to the tab in the Backup Domains
section.
- Select the domains you want to perform the backups for.
- Click
Checkpoint (full backup)
in the top right. - Follow the instructions from Perform Domain Full Backup section.
Bulk Check Backup Domains
When using the Check backup domain option, the system automatically checks all backup domains for any errors and then notifies you via the task tray on the bottom right.
To perform a bulk check backup domain, navigate to the tab in the Backup Domains
section.
- In the top right panel, view the options.
- Click
Backup Domain Check
button in the top right. - Follow the instructions from Perform Backup Domain Check section.
Bulk Create Deletion Request of Escrow Users
In the case when an entire group of escrow users is changed, you can bulk-create deletion requests and follow the process from Delete Escrow Users section to execute the deletion appropriately.
To delete an escrow user from the system navigate to the tab in the Escrow Users
section.
- Select the escrow user you would like to delete.
- Click the
Create deletion request
button in the top right. - Follow the instructions from Delete Escrow Users section.
Bulk Execute Signed Certificates
A similar situation applies to bulk-executing signed certificates. Super-admins have permission to bulk upload the site-key admin-signed certificates into tiCrypt.
To bulk upload a signed certificate navigate to tab in the Escrow Certificates
section.
- Click the
Execute Signed Certificates
button in the top right. - Follow the instructions from Upload Escrow Certificates section.
Bulk Attach & Mount Drives to VM
tiCrypt allows users to bulk attach and mount unlimited drives to a VM. This action is possible due to flexible infrastructure and functionality.
You can attach either read-only
or read-write
drives.
If you attach multiple drives to a VM, consider the amount of resource utilization and VM architecture best practices.
To attach a drive in read-only or read-write mode navigate to the tab in the section.
- Select the Virtual machine you want to attach the drives to.
- Scroll down and click the
Drive Management
card. - Click the
Attach drive(s)
button in the top center. - Follow the read-only or read-write mode instructions from Attach more drives in a Running VM section.
The following example is for a read-only
drive.
Bulk Change Project Tag in Drives
To change project in a drive navigate to the tab in the Drives
section.
- Select the drive you would like to change the project for.
- Click the
Change project
button in the top right. - Follow the instructions from Change Project in Drive section.
You cannot re-tag VMs with different projects simultaneously. Your VMs must be tagged to the same project to change the project in bulk.
Bulk Add Users to a VM
Adding multiple users to a VM is a frequent action in project management.
To bulk add users to a VM configuration navigate to tab, in the Virtual Machines
section.
- Select the virtual machine you want to add users to.
- Click the
User Management
card on the right panel. - Click the
Add User(s)
button at the top panel. - Follow the instructions from Add Users to VM section.
Unshare Drives from Everyone Else
You can unshare drives from all users simultaneously. This action allows the owner of the drive to keep a drive private to themselves.
To unshare a drive with everyone navigate to the tab in the Drives
section.
- Select the drive you would like to unshare.
- Click the
Unshare from everyone else
button in the top right. - Follow the instructions from Unshare Drives with Everyone section.
Bulk Transfer via SFTP
Research data at scale is necessary for large projects. A simple way to transfer large amounts of data into the projects is via SFTP methods. Before you make a transfer, you must create an endpoint for your data to land on.
To create an SFTP endpoint navigate to the tab in the section.
- Select an existing directory you want to turn into an SFTP inbox.
- Click the
Manage Inbox
icon in the top right center. - Follow the instructions from SFTP Overview section.
VM Management at Scale
The Virtual Machines can work in bulk to achieve complex tasks at scale. You can use the following features by accessing the Management tab or the Virtual Machine tab.
Virtual Machines User Profiles
The User Profiles in tab is a powerful tool to create personas within the virtual machines realm. They are a way to tag virtual machine users by changing their permissions in the VM.
Scenario: Suppose you manage an extensive VM infrastructure where you have a vast number of users. You are advised to leverage the VM profiles to organize the user's permission and level of control within the VMs and Drives.
- Despite the user roles in the system, you can flexibly create a VM user profile.
- Eg1: super-admins of the system may be standard VM users if they belong to a VM User Profile designed for that purpose.
- Eg2: standard users in the system may have VM manager roles if they belong to a VM User Profile designed for that purpose.
- Multiple users may have multiple VM user profiles.
- No matter the user role, each VM user can have a maximum of one VM user profile per virtual machine.
To create a VM User Profile navigate to tab section.
- Click the button to make sure your VM is connected.
- Next, navigate to the
VM User Profiles
card. - Click the
Add profile
button in the top center. - In the prompt, type the VM User profile name.
- Select the profile role.
- Tick the appropriate profile permissions.
- Click .
To learn more about VM User Profiles follow the instructions from VM User Profiles (in Virtual Machines) section.
Create Access Directory for Large VM Groups
Access directories play a significant role in the VM large group management. There are by default three groups for an access directory:
- Everybody: All VM users have access to the directory.
- Nobody: None of the VM users have access to the directory; except the owner of the VM.
- Managers: Only the users with manager roles in the VM have access to the directory.
- Custom: Users with custom permissions set by the VM owner or VM managers have access to the directory.
To create a new access directory navigate to tab in the section.
- Select the connected VM you want to create the access directory in.
- Click the
Access Directory Management
card. - Click button in the top left.
- Follow the instructions from Create Access Directory section.
Miscellaneous Management at Scale
It is worth mentioning several complementary features that may be used as a tool to perform management at scale.
Global Login Message
In specific scenarios, you may need to conduct maintenance in the backend, which may require you to pause the system for a few days. Before starting the maintenance project, it is recommended to have at least one channel to contact all users about the maintenance work outside the system.
For good practice, you can use the global login message feature to inform everyone about a maintenance period or a significant project update that may affect all users. Optionally, you can set custom colors, symbols and display frequencies for your global message.
Global Terms of Services
As an alternative to global login messages, you can apply the same principle immediately after the users have logged in.
The Terms & Conditions prompt may be used for any relevant information or update users should know about. *, e.g., "The system will be down for 14 days due to a large project maintenance."
The Terminal Hub
The Terminal Hub helps you keep track of the running VMs when you deal with many terminals. It is a complimentary feature to large projects since it allows you to manage multiple VMs conveniently, at the same time.
To learn more about the Terminal Hub, navigate to Terminal Hub Overview section.