Organization Permissions

Permission Model

Permissions in Zepl are organized by centrally managed Security Policies. These policies can be highly customized with granular and specific permissions around actions in the product. After understanding the product level permissions available to you in the policies, you can assign team members to use those policies and gain access to those permissions.
Each team member can be assigned multiple Security Policies, and their permissions to perform actions in Zepl are the sum of all the permissions granted to them by the Security Policies. Zepl provides several convenient Security Policies for you to use out of the box, and it's easy for you to build policies customized for the particular needs of your enterprise.

View Security Policies

Security Policies are located under Settings. Not everyone can view and edit security policies for an organization - you need the appropriate permission to do so. This permission is granted by default to "Organization Owners" and "Security Administrators".
Navigating to the Security Policy Screen

Edit Policy Permissions

When looking at the list of security policies, click on any security policy to see what permissions are assigned to that policy. To edit what permissions are associated with a policy, you simply need to click on the check mark next to a policy. To make your edits permanent changes to the policy, simply click Save.
Editing the "All Users" Policy Permissions

Create New Policy

Creating a new policy is very similar to viewing and editing an existing one. Click "New Policy" above the list of current security policies to start the process. Give the policy a name, select the permissions you want associated with the policy, and click "Save" to finish creating the policy.
Creating a sample security policy

Assigning Policies to Users

To assign users to policies, navigate to the Members page under Settings. You can assign policies to an individual team member by clicking on their name to access their profile page. Select any policies you would like to assign to the user on the members profile page and click save.
[Add Gif of adding policy when policy screen isn't broken]
Assigning policies to users requires a permission of "Assign and unassign security policies". This permission is granted by default to "Organization Owners" and "Security Administrators".
Whenever you invite a user to join your organization, you can also assign policies to this user at the same time if you have the permission to assign users to policies.

Default Policies

Zepl comes with several out-of-the-box policies that you can use to grant permissions to organization members. These policies can be changed to customize your needs.
Policy Purpose
Organization Owner
This policy is granted to the creator of an organization - can be thought of as a super administrator, as it has all permissions in an organization.
All Users
This policy grants common permissions to all users in an organization - actions such as creating a notebook, using a data source, and inviting team mates
Infrastructure Administrator
This policy is for team members who will need to create Zepl infrastructure such as resources, clusters, and images.
Security Administrator
This policy is for team members that are responsible for keeping the organization secure
Billing Administrator
This policy is for team members who need to monitor how much Zepl is being used and responsible for paying for Zepl usage

Default Permissions

The following permissions are available for you to include in a policy
Org. Owner
All Users
Infra. Admin
Security Admin
Billing Admin
Configure and activate SSO authentication providers
View configuration of SSO authentication providers
Assign, delete, replace credit cards
Download usage data
View credit card related information
View usage data
Code Snippets
Create, update and delete code snippets
Code Snippets
View code snippets
Create and update compute resources
Create, update and delete interpreters
Create, update and delete notebook execution schedules
View compute resources
View notebook execution schedules
Build, update and delete custom images
Create, update and delete data source definitions
Use data sources
View and use custom images
View data source definitions
Security Policies
Assign and unassign security policies
Security Policies
Create, update or delete security policies
Security Policies
View security policies
Security Policies
View security policy assignments
User Management
Invite users to the organization
User Management
Remove users from the organization
User Management
Update user profiles and settings
User Management
View user profiles and settings