Managing Users and Permissions

Updated by Michael Delzer

Agile Stacks provides centralized management of the users who access its components, typically through OKTA integration with enterprise Identity Management (IDM) systems. This configuration is done at the time of the original deployment of Agile Stacks, and the specific details will be unique to each customer.

At a high level, you create teams in Agile Stacks and then map users to these teams using the company's IDM solution.

Organizational structures and segregation of duties may be key design considerations for how the teams will be used.

A corporate naming convention is needed so that names are used consistently and can be tracked over years of operations.

  1. Organizational Admin account (assigned by Agile Stacks)
    1. Teams
      1. Admin (has similar rights to "Organizational Admin")
      2. ... Customer Defined names

RBAC attributes are assigned at:

  1. Cloud
    1. Environment (tied to a Cloud account)
  2. Templates (secured independently of Cloud permissions)

Stacks and Apps inherit Permissions

A deployed Stack and its Application Pipelines pick up permissions from the Stack Template used to deploy the Stack Instance, and from the Cloud and Environment permissions.

Read rights allow a Team to use an object

Write allows a Team to change an object or use it

It is not possible to assign a unique right to a specific user.

Before removing a Team, the Team that is to be deleted must be removed from all objects it is assigned to (regardless of whether the Team had admin, write, or read access). Careful naming conventions are therefore needed to avoid orphaning rights on objects to a deleted team.
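
A pre-deletion audit for the rule above, as an added example that is not Agile Stacks code. The inventory layout, team names and object names are constructed assumptions, not an Agile Stacks export format.

```python
# Added example: audit team grants before deleting a Team.
# The Grant record and the sample inventory are assumptions made for
# illustration; they do not mirror any Agile Stacks API or export.
from typing import NamedTuple


class Grant(NamedTuple):
    kind: str   # "cloud", "environment" or "template"
    name: str   # object name
    team: str   # team holding the right
    right: str  # "admin", "write" or "read"


# Constructed sample data.
TEAMS = {"Admin", "platform-ops", "payments-dev"}
GRANTS = [
    Grant("cloud", "aws-prod", "Admin", "admin"),
    Grant("cloud", "aws-prod", "platform-ops", "write"),
    Grant("environment", "prod-us-east", "platform-ops", "write"),
    Grant("environment", "prod-us-east", "payments-dev", "read"),
    Grant("template", "k8s-base", "payments-dev", "read"),
    Grant("template", "k8s-base", "data-sci", "write"),  # team no longer exists
]


def blocking_grants(team, grants):
    """Grants to remove before `team` is deleted, whatever the right level."""
    return sorted(g for g in grants if g.team == team)


def orphaned_grants(teams, grants):
    """Grants that name a team missing from the current team list."""
    return sorted(g for g in grants if g.team not in teams)


def safe_to_delete(team, grants):
    """True only when no object still references the team."""
    return not blocking_grants(team, grants)


if __name__ == "__main__":
    for g in blocking_grants("payments-dev", GRANTS):
        print(f"remove {g.right} right of {g.team} on {g.kind} {g.name}")
    for g in orphaned_grants(TEAMS, GRANTS):
        print(f"orphaned: {g.team} still holds {g.right} on {g.kind} {g.name}")
```
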
