Managing portal access

BigAnimal uses role-based access controls to grant users access to different parts of the application using organization-level and project-level roles. Roles are sets of permissions. BigAnimal uses roles to manage permissions assigned to users.

Each customer has a unique BigAnimal organization. Each organization has at least one project by default. An organization's database clusters are deployed and managed in the customer's cloud account within a project. You can create multiple projects within a single organization.

With multiple projects within an organization you can:

  • Separate workflows to provide secure and isolated environments.
  • Assign different users to different projects or give different roles to users in different projects to ensure they have the correct level of permissions.

To access a BigAnimal organization, first each user needs to be added to the organization's identity provider. For more information, see Setting up your identity provider. Your identity provider establishes the identity of users that can log in to BigAnimal.

Once a user has logged in to BigAnimal, you can assign them a role.

Organization level roles

The following roles grant privileges within an organization.

  • Organization owner This role has management privileges to the organization and can perform the following actions:

    • Create and view projects within their organization
    • Update and delete their own projects
    • View and assign organization-level and project-level roles
    • View an activity log for the whole organization and each project
    • View and download a usage report for the whole organization and each project
    • View the identity provider details
    Notes
    • The first user in a BigAnimal organization is an organization owner and project owner of the initial project, by default.
    • At least one user must be an organization owner.
  • Organization admin This role has read-only permissions to the organization. They can:

    • View a list of projects within the organization
    • View and download a usage report for the whole organization
    • View other users with organization-level roles
    • View the identity provider details of the BigAnimal subscription

Project level roles

The following roles grant privileges within a project:

  • Project owner This role has management privileges to the project and can perform the following actions within the project:

    • Connect the cloud service provider accounts to BigAnimal
    • View, edit, and delete the project
    • Create, view, edit, and delete clusters
    • Activate, suspend, and deactivate regions
    • View and assign project-level roles
    • View an activity log
    • View and download a usage report
    Note

    At least one user must be a project owner.

  • Project editor This role has edit privileges to the project and can perform the following actions within the project:

    • View the cloud service provider accounts connected to BigAnimal
    • Create, view, edit, and delete clusters
    • Activate regions
    • View users with project-level roles
    • View an activity log
    • View and download a usage report
  • Project viewer This role has read-only permissions to the project. They can:

    • View clusters
    • View users with project-level roles

Users

Organization owners can assign users organization-level roles to complete certain tasks:

  1. Select User Management from the menu next to your organization name in the top right of the portal.

  2. Select the edit icon for the user.

  3. Select Assign Roles.

  4. Select the roles for the user.

  5. Select Submit.

See Adding a user to a project for information on adding users to projects.