When an MSP Business Admin adds tenants, associating them with appropriate permissions is crucial to safeguard what specific operations to manage. MontyCloud DAY2 Platform accesses only basic read-only permissions to manage tenants who want restricted monitoring and accesses read-write permissions for tenants who are willing to allow the MSP unrestricted access.


For example, a particular account may want the MSP to only manage certain aspects of their organization with restricted access while a different organization may want the MSP to manage their entire organization without any restriction. 


In these scenarios, MSP Business Admin have the following three permissions to assign to the tenants:


  • Assessment (Audit Permissions): The Assessment Feature Pack provides visibility into infrastructure and configuration only—no write access, no customer data access. This enables your team to perform inventory reviews and Well-Architected assessments early in the engagement. This Feature Pack is ideal for pre-sales engagements, or low-trust situations in which the goal is resource discovery and assessment.

  • Continuous Visibility (Basic Permissions): The Continuous Visibility Feature Pack allows MontyCloud to perform assessments, analyze cost, and tag resources. All functions from the Assessment Feature Pack are included, and the tenant gains access to the Cost, Optimization, Tags, Security, and Compliance tools. This Feature Pack is ideal for customers who are newer to MontyCloud, but interested in exploring a wider set of tools in the platform.

  • Automated CloudOps (Advanced Permissions): The Automated CloudOps Feature Pack allows MontyCloud to perform a wide variety of functions in the operational lifecycle, including deployment, assessment, and automation. All functions from the Continuous Visibility Feature Pack are included, and the tenant gains access to the Service Catalog and Automation tools. This Feature Pack is ideal for customers who want to experience the full value of the MontyCloud tool and are comfortable with providing a high level of access to their AWS accounts for the platform.