Organization Permissions
Permissions in Zepl are organized by centrally managed Security Policies. These policies can be highly customized with granular and specific permissions around actions in the product. After understanding the product level permissions available to you in the policies, you can assign team members to use those policies and gain access to those permissions.
Each team member can be assigned multiple Security Policies, and their permissions to perform actions in Zepl are the sum of all the permissions granted to them by the Security Policies. Zepl provides several convenient Security Policies for you to use out of the box, and it's easy for you to build policies customized for the particular needs of your enterprise.
Security Policies are located under Settings. Not everyone can view and edit security policies for an organization - you need the appropriate permission to do so. This permission is granted by default to "Organization Owners" and "Security Administrators".
Navigating to the Security Policy Screen
When looking at the list of security policies, click on any security policy to see what permissions are assigned to that policy. To edit what permissions are associated with a policy, you simply need to click on the check mark next to a policy. To make your edits permanent changes to the policy, simply click Save.
Editing the "All Users" Policy Permissions
Creating a new policy is very similar to viewing and editing an existing one. Click "New Policy" above the list of current security policies to start the process. Give the policy a name, select the permissions you want associated with the policy, and click "Save" to finish creating the policy.
Creating a sample security policy
To assign users to policies, navigate to the Members page under Settings. You can assign policies to an individual team member by clicking on their name to access their profile page. Select any policies you would like to assign to the user on the members profile page and click save.
[Add Gif of adding policy when policy screen isn't broken]
Assigning policies to users requires a permission of "Assign and unassign security policies". This permission is granted by default to "Organization Owners" and "Security Administrators".
Whenever you invite a user to join your organization, you can also assign policies to this user at the same time if you have the permission to assign users to policies.
Zepl comes with several out-of-the-box policies that you can use to grant permissions to organization members. These policies can be changed to customize your needs.
Policy | Policy Purpose |
Organization Owner | This policy is granted to the creator of an organization - can be thought of as a super administrator, as it has all permissions in an organization. |
All Users | This policy grants common permissions to all users in an organization - actions such as creating a notebook, using a data source, and inviting team mates |
Infrastructure Administrator | This policy is for team members who will need to create Zepl infrastructure such as resources, clusters, and images. |
Security Administrator | This policy is for team members that are responsible for keeping the organization secure |
Billing Administrator | This policy is for team members who need to monitor how much Zepl is being used and responsible for paying for Zepl usage |
The following permissions are available for you to include in a policy
Category | Permission | Org. Owner | All Users | Infra. Admin | Security Admin | Billing Admin |
Authentication | Configure and activate SSO authentication providers | ✅ | | | ✅ | |
Authentication | View configuration of SSO authentication providers | ✅ | | | ✅ | |
Billing | Assign, delete, replace credit cards | ✅ | | | | ✅ |
Billing | Download usage data | ✅ | | | | ✅ |
Billing | View credit card related information | ✅ | | | | ✅ |
Billing | View usage data | ✅ | | | | ✅ |
Code Snippets | Create, update and delete code snippets | ✅ | ✅ | ✅ | | |
Code Snippets | View code snippets | ✅ | ✅ | ✅ | | |
Execution | Create and update compute resources | ✅ | | ✅ | | |
Execution | Create, update and delete interpreters | ✅ | | ✅ | | |
Execution | Create, update and delete notebook execution schedules | ✅ | ✅ | ✅ | | |
Execution | View compute resources | ✅ | ✅ | | | |
Execution | View notebook execution schedules | ✅ | ✅ | ✅ | | |
Notebook | Build, update and delete custom images | ✅ | ✅ | ✅ | | |
Notebook | Create, update and delete data source definitions | ✅ | ✅ | ✅ | | |
Notebook | Use data sources | ✅ | ✅ | | | |
Notebook | View and use custom images | ✅ | ✅ | ✅ | | |
Notebook | View data source definitions | ✅ | | ✅ | | |
Security Policies | Assign and unassign security policies | ✅ | | | ✅ | |
Security Policies | Create, update or delete security policies | ✅ | | | ✅ | |
Security Policies | View security policies | ✅ | | | ✅ | |
Security Policies | View security policy assignments | ✅ | | | ✅ | |
User Management | Invite users to the organization | ✅ | ✅ | | ✅ | |
User Management | Remove users from the organization | ✅ | | | ✅ | |
User Management | Update user profiles and settings | ✅ | | | ✅ | |
User Management | View user profiles and settings | ✅ | ✅ | | ✅ | |
Last modified 2yr ago