Get started with ITCare
How do I connect to ITCare?
It is not possible to create your own ITCare account to access the platform.
To receive an ITCare account, your organization's security representative must submit an account creation request.
How do I request an ITCare account?
Please contact your Service Delivery Management or the commercial team at cegedim.cloud.
How is ITCare authentication handled?
ITCare authentication is based on an e-mail address and a password that comply with the standards of the cegedim security policy.
API accounts use the OpenID protocol. More information about the ITCare API can be found at ITCare API.
Is multi-factor authentication available?
Multi-factor authentication is available and mandatory for certain high privilege actions that will require either:
Answering a phone call
Or validating a notification on a smartphone
During the on-boarding process, you will be provided with all the information necessary to properly configure the MFA.
What are the possible privileges in ITCare?
ITCare privileges are broken down into roles assigned to profiles.
Profiles are assigned to users.
The roles
| Roles | Description |
|---|---|
See resources | See all the resources and their informations. Read only |
Manage maintenances | Ability to manage maintenances |
Modify resources | Ability to modify resources except creation and deletion |
Manage resources | Complete resource management |
MFA must be configured and is mandatory for the following roles:
Manage maintenances
Modify resources
Manage resources
The profiles
| Profiles | See resources | Manage maintenances | Modify resources | Manage resources |
|---|---|---|---|---|
Standard (STD) | ||||
Maintenance (DTM) | ||||
Operator (OPE) | ||||
Power (POW) |
Privilege Matrix
This non-exhaustive table describes the basic actions allowed by profile:
| Features | Label | Available for |
|---|---|---|
Bodies | create-instance | POW |
start-instance | OPE | |
stop-instance | OPE | |
reset-instance | OPE | |
resize-compute-instance | OPE | |
delete-instance | POW | |
Instance monitoring | enable-monitoring-instance | OPE |
disable-monitoring-instance | OPE | |
Snapshot of instances | create-snapshot | OPE |
recover-snapshot | POW | |
delete-snapshot | OPE | |
DNS aliases of instances | create-dns | OPE |
delete-dns | OPE | |
LoadBalancers | create-lb | POW |
start-lb | OPE | |
stop-lb | OPE | |
delete-lb | POW | |
Monitoring of LoadBalancers | enable-monitoring-lb | OPE |
disable-monitoring-lb | OPE | |
Manage LoadBalancers | add-member-lb | OPE |
delete-member-lb | OPE | |
update-member-state | OPE | |
DNS alias of LoadBalancers | create-dns-lb | OPE |
delete-dns-lb | OPE | |
Manage maintenance | create-maintenance | MNT |
delete-maintenance | MNT | |
Indicators | create-indicator | POW |
update-indicator | POW | |
delete-indicator | POW | |
SMS | subscribe-vortext | POW |
Storage Object | create-object-stores | POW |
update-object-stores | OPE | |
delete-object-stores | POW | |
Storage Object - Users | create-user-objectstores | POW |
update-user-objectstores | POW | |
delete-user-objectstores | POW | |
K8S Clusters | create-cluster | POW |
create-cluster-namespace | OPE | |
delete-cluster-namespace | OPE | |
create-cluster-nodes | POW | |
delete-cluster-nodes | POW |
What are the Regions and Availability Zones in ITCare?
The topology of the cegedim.cloud hosting platform is divided into:
Regions: a group of low latency data centers ( < 1 ms)
Availability zones: a set of dedicated infrastructure components in a data center
What regions are available?
Here is the list of regions available to our customers:
| Region | Description | Datacenters |
|---|---|---|
EB | Paris area | EB4 : Boulogne-Billancourt EB5 : Magny-les-Hameaux |
ET | Toulouse area | ET1 : Labège ET2 : Balma |
What Availability Zones are available?
EB Region
| Availability Zone | Description | Datacenter |
|---|---|---|
EB-HDS-A | Client zone | EB4 |
EB-HDS-B | Client zone | EB4 |
EB-HDS-C | Client zone | EB5 |
EB-A | Area reserved for the cegedim group | EB4 |
EB-B | Area reserved for the cegedim group | EB4 |
EB-C | Area reserved for the cegedim group | EB5 |
ET Region
| Availability Zone | Description | Datacenter |
|---|---|---|
ET-HDS-A | Client zone | ET1 |
ET-HDS-B | Client zone | ET1 |
ET-A | Area reserved for the cegedim group | ET1 |
ET-B | Area reserved for the cegedim group | ET1 |
What is an ITCare resource?
A resource is an infrastructure or middleware component deployed in the cegedim.cloud Information System.
It can only belong to one Service (see How are my ITCare resources organized? for the definition of a Service)
A resource is systematically defined by the following properties:
an id: unique identifier of the resource.
a type: the type of the resource e.g. virtual instance, Kubernetes cluster, etc.
a name: more convenient to handle than an id.
a status: defines the state of the resource (active, inactive).
an environment: defines the type of environment of the resource (production, qa, dev, test, etc.).
tags: allows you to tag your resources with customizable keys/values that are queryable.
What are the possible statuses for resources?
Here are the possible statuses of a resource that are visible by the web UI or returned by the API:
| Status | Description | API code |
|---|---|---|
Active | The resource is active and the service is available. | ACTIVE |
Preparation | The resource is being installed or configured. The service is not yet available. | PREPARATION |
Inactive | The resource is inactive and the service is unavailable. | INACTIVE |
How are my ITCare resources organized?
Each cegedim.cloud customer has an Organization that materializes its existence within our IS.
Multiple Clouds can be created within an organization. These allow partitioning of resources and user rights.
By default, only one Cloud is defined for a new Organization. Additional Clouds can be created upon request.
You can therefore define, at the level of a Cloud, who has access to what and what actions can be performed.
It is therefore possible, for example, to have a Cloud that gives full power to your development teams so as not to disrupt production. Within a Cloud, resources are then grouped into Services.
The Services allow you to group your resources in a logical way according to several free criteria:
The scope of an application
By environment
Any other free criteria: by customer for example
The Services do not allow the application of user rights restrictions.
In ITCare, the Services have dedicated pages that allow you to easily consult all the resources attached to them.
Last updated
