Entitlements in bwCloud-OS
Entitlements in bwCloud-OS define who can access the platform, how many resources they may use (Quota flavors), and under what conditions (Eligibility). They are issued and managed by the user’s home institution and play a central role in how the platform is used and funded. These decisions are made exclusively by the user's home institution. The bwCloud-OS team has no authority to grant access or resources without an official entitlement.
In a nutshell, a customer can use the entitlements to allow their members to consume in the bwCloud-OS and to control eventual costs.
Structure
An entitlement persists out of two parts, the quota flavor and optionally the eligibilities,
QUOTA_FLAVOR
bzw.
QUOTA_FLAVOR:json=ELIGIBILITY
, where QUOTA_FLAVOR must be one of the supported values from the table TODO LINK below and ELIGIBILITY is the base64-encoded JSON structure described below.
Quota flavors
The entitlements for granting quotas are described in the table below.
| quota flavor | Note |
|---|---|
| bwcloudos_empty | Default case. User can’t generate costs. |
| bwcloudos_tiny_1 | |
| bwcloudos_xtiny_1 | |
| bwcloudos_medium_1 | |
| bwcloudos_xmedium_1 | |
| bwcloudos_large_1 | |
| bwcloudos_xlarge_1 | |
| bwcloudos_custom | User can choose the quota to be requested. |
Each quota flavor is associated with resources granted to projects.
| Entitlement | instances | cores | ram_gb | volumes | volumes_gb | backups | backups_gb | networks | subnets | routers | floating_ips |
|---|---|---|---|---|---|---|---|---|---|---|---|
| bwcloudos_empty | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| bwcloudos_tiny_1 | 1 | 1 | 1 | 10 | 100 | 30 | 300 | 10 | 10 | 1 | 0 |
| bwcloudos_xtiny_1 | 2 | 2 | 2 | 10 | 100 | 30 | 300 | 10 | 10 | 1 | 0 |
| bwcloudos_medium_1 | 4 | 4 | 4 | 20 | 200 | 60 | 600 | 10 | 10 | 1 | 1 |
| bwcloudos_xmedium_1 | 8 | 8 | 8 | 20 | 200 | 60 | 600 | 10 | 10 | 1 | 1 |
| bwcloudos_large_1 | 16 | 16 | 16 | 40 | 400 | 120 | 1200 | 20 | 20 | 2 | 2 |
| bwcloudos_xlarge_1 | 32 | 32 | 32 | 40 | 400 | 120 | 1200 | 20 | 20 | 2 | 2 |
| bwcloudos_custom | * | * | * | * | * | * | * | * | * | * | * |
Eligibility JSON
Optionally, the following structure for Eligibilities may be used to provide further information and define conditions for the quota flavor.
{"eligs": [{"cc_id": "COST_CENTER_ID", "first_val": "YYYY-MM-DD", "last_val": "YYYY-MM-DD", "max_bu": "INTEGER"}, {...}]}
This JSON needs to be utf-8 and base64-encoded.
Special Entitlements
There is also the Entitlement bwcloudos_access that is further described in Access Control via Entitlements.
| Entitlement | Note |
|---|---|
| bwcloudos_access | Allows the registration for the bwCloud-OS via RegApp |
Access Control via Entitlements
The entitlement bwcloudos_access determines whether a user is allowed to access bwCloud-OS at all. Accessing the bwCloud-OS requires a registration in advance.
Automated Registration
Registration is streamlined through entitlements:
- Entitlements are automatically evaluated during registration.
- Users receive immediate access and resources once their entitlement is confirmed. No manual activation is required.
Cost Allocation and Funding Model
Entitlements also help define who is financially responsible for resource usage. To ensure sustainable operation and future hardware/software upgrades, bwCloud-OS is moving toward a cost allocation model.
- The user’s institution is responsible for:
- Verifying users have access to funding.
- Covering the collective costs for all users from that institution.
- bwCloud-OS will generate aggregated usage reports and invoices per institution — no individual billing.