Organization Permissions

Permission Model

Permissions in Zepl are organized by centrally managed Security Policies. These policies can be highly customized with granular and specific permissions around actions in the product. After understanding the product level permissions available to you in the policies, you can assign team members to use those policies and gain access to those permissions.

Each team member can be assigned multiple Security Policies, and their permissions to perform actions in Zepl are the sum of all the permissions granted to them by the Security Policies. Zepl provides several convenient Security Policies for you to use out of the box, and it's easy for you to build policies customized for the particular needs of your enterprise.

View Security Policies

Security Policies are located under Settings. Not everyone can view and edit security policies for an organization - you need the appropriate permission to do so. This permission is granted by default to "Organization Owners" and "Security Administrators".

Navigating to the Security Policy Screen

Edit Policy Permissions

When looking at the list of security policies, click on any security policy to see what permissions are assigned to that policy. To edit what permissions are associated with a policy, you simply need to click on the check mark next to a policy. To make your edits permanent changes to the policy, simply click Save.

Editing the "All Users" Policy Permissions

Create New Policy

Creating a new policy is very similar to viewing and editing an existing one. Click "New Policy" above the list of current security policies to start the process. Give the policy a name, select the permissions you want associated with the policy, and click "Save" to finish creating the policy.

Creating a sample security policy

Assigning Policies to Users

To assign users to policies, navigate to the Members page under Settings. You can assign policies to an individual team member by clicking on their name to access their profile page. Select any policies you would like to assign to the user on the members profile page and click save.

[Add Gif of adding policy when policy screen isn't broken]

Assigning policies to users requires a permission of "Assign and unassign security policies". This permission is granted by default to "Organization Owners" and "Security Administrators".

Whenever you invite a user to join your organization, you can also assign policies to this user at the same time if you have the permission to assign users to policies.

​

Default Policies

Zepl comes with several out-of-the-box policies that you can use to grant permissions to organization members. These policies can be changed to customize your needs.

Policy

Policy Purpose

Organization Owner

This policy is granted to the creator of an organization - can be thought of as a super administrator, as it has all permissions in an organization.

All Users

This policy grants common permissions to all users in an organization - actions such as creating a notebook, using a data source, and inviting team mates

Infrastructure Administrator

This policy is for team members who will need to create Zepl infrastructure such as resources, clusters, and images.

Security Administrator

This policy is for team members that are responsible for keeping the organization secure

Billing Administrator

This policy is for team members who need to monitor how much Zepl is being used and responsible for paying for Zepl usage

Default Permissions

The following permissions are available for you to include in a policy

Category

Permission

Org. Owner

All Users

Infra. Admin

Security Admin

Billing Admin

Authentication

Configure and activate SSO authentication providers

✅

​

​

✅

​

Authentication

View configuration of SSO authentication providers

✅

​

​

✅

​

Billing

Assign, delete, replace credit cards

✅

​

​

​

✅

Billing

Download usage data

✅

​

​

​

✅

Billing

View credit card related information

✅

​

​

​

✅

Billing

View usage data

✅

​

​

​

✅

Code Snippets

Create, update and delete code snippets

✅

✅

✅

​

​

Code Snippets

View code snippets

✅

✅

✅

​

​

Execution

Create and update compute resources

✅

​

✅

​

​

Execution

Create, update and delete interpreters

✅

​

✅

​

​

Execution

Create, update and delete notebook execution schedules

✅

✅

✅

​

​

Execution

View compute resources

✅

✅

​

​

​

Execution

View notebook execution schedules

✅

✅

✅

​

​

Notebook

Build, update and delete custom images

✅

✅

✅

​

​

Notebook

Create, update and delete data source definitions

✅

✅

✅

​

​

Notebook

Use data sources

✅

✅

​

​

​

Notebook

View and use custom images

✅

✅

✅

​

​

Notebook

View data source definitions

✅

​

✅

​

​

Security Policies

Assign and unassign security policies

✅

​

​

✅

​

Security Policies

Create, update or delete security policies

✅

​

​

✅

​

Security Policies

View security policies

✅

​

​

✅

​

Security Policies

View security policy assignments

✅

​

​

✅

​

User Management

Invite users to the organization

✅

✅

​

✅

​

User Management

Remove users from the organization

✅

​

​

✅

​

User Management

Update user profiles and settings

✅

​

​

✅

​

User Management

View user profiles and settings

✅

✅

​

✅

​

​

​

​