User Management
User Management provides features for Role Based Access Controls whereby you can create groups, assign roles to users, and assign users to groups.
By default, nothing will change any user’s access/roles that you have today so there is nothing you need to do unless desired. This means that All Users will be assigned the least restricted Owner role.
RBAC Component Definitions
- Users: Each user is assigned a Role (permissions on features/settings) and Users are members of one or more Groups to control which deployments they can access.
- Groups: Groups define which deployments are available to Users in the Group.
- Roles: Pre-defined roles (Owner, Admin, Editor, Viewer) which define permissions (e.g. Create, Read/view, Update, Delete) for each feature or application setting.
Users
- Each user is assigned a Role (permissions on features/settings) and Users are members of one or more Groups to control which deployments they can access.
- Users belong to 1 or more groups.
- Users can be added/edited/deleted by the Owner role (see Roles and Permissions below).
- User Management is available under the Gear pull-down menu for Account Settings.
Groups
- Groups define which deployments are available to Users in the Group.
- The default group is All and has All deployments assigned to the group.
- Groups can be added/edited/deleted by the Owner role (see Roles and Permissions below).
- Group Management is available under the Gear pull-down menu for Account Settings.
Roles
Note: Role permissions are pre-defined and not configurable.
Owner
- Allows for billing and user management, including the creation and assignment of deployments in groups.
- Includes all permissions of the Admin and Member roles.
- Owner is the default role for a new user during initial account creation.
- All existing users are Owner roles until changed (by another Owner).
Admin
- Day-to-day configuration including setting up integrations and various application customizations.
Editor
- Users allowed to edit (create, update, delete) objects, particularly incident type metadata. This role will be assigned to user of the role Member in a previous release
Viewer
- Users that are allowed read-only access to all but their own profile, e.g. to change their deployment selection or password
Permissions
| Setting/Feature | Owner | Admin | Editor | Viewer |
|---|---|---|---|---|
| Report Notes and Alerting | Edit | Edit | Edit | View |
| Define Custom Alert Types | Edit | Edit | None | None |
| Log Collector | Edit | Edit | None | None |
| Integrations | Edit | Edit | None | None |
| Root Cause Settings | Edit | Edit | None | None |
| User Management | Edit | Edit | None | None |
| Billing | Edit | None | None | None |