API Docs Developer Portal System Status Try for Free

Owner Based Access Control

Understanding the Roles and Access Controls for Entities within OBAC.

Owner-Based Access Control is an access control model where the ability to modify and delete entities is restricted to just its owners, Team Owners, and the Account Owner.

It is an alternative to the Role Based Access Control (RBAC) model, and it offers a robust framework that reduces the scope for human errors by restricting the ability to modify and delete entities to just its owners.

Note:

Please note that this feature is made available to select accounts only. You can reach out to our Support Team to have it enabled for your account.

Important:

This section applies exclusively to organizations with Owner Based Access Control enabled. There are no changes for other organizations that have opted for Role Based Access Control.

Note:

Users can refer to this document to learn how they can migrate from Role-Based Access Control (RBAC) to Owner-Based Access Control (OBAC) in Terraform: Migrating from RBAC to OBAC with Terraform.

Managing Teams

User Roles

With Owner-Based Access Control, there are three different types of roles in a Team:

Each role decides what a user can do. Roles show what actions users can take in a team.

Team Owner

In a team:

  • Team Owners can manage the team, including adding/removing members, changing team member's roles, and deleting the team.

  • Team Owners can modify or delete any team entity, regardless of ownership.

  • Only Team Owners can create, modify, and delete Stakeholder Groups for the team.

  • Both Team Owners and Team Members can create entities and squads.

Note: Teams can have multiple Team Owners.

Team Member

In a team:

  • Team Members can create entities and squads.

Stakeholder

In a team:

  • Stakeholders have read-only access to all team entities.

Managing Squads

User Roles

With Owner-Based Access Control, there are three different types of roles in a Squad:

Each role decides what a user can do. Roles show what actions users can take in a squad.

Squad Owner

In a squad:

  • Squad Owners can manage the squad, including adding/removing members, changing squad member's roles, and deleting the squad.

  • Squad Owners are the only ones who can transfer ownership of an entity owned by the squad to another user or squad.

Important:

  • User permissions to create entities and squads are based on their team role, not their squad role. Both team members and team owners can create entities and squads.

  • Team Owners have authority over all squads in a team, even if they are not explicitly part of those squads.

  • Stakeholders are not part of any squads.

Squad Member

In a squad:

  • Squad Members can view and edit the entities within a squad.

Access Control for Entities

PreviousRole Based Access ControlNextCreate and Delete Teams

Last updated