Introducing Granular Permissions: For Fine-Tuning User Access
At Aptible, we are committed to building the platform as a service that grows with your company—from start to scale. Today, we’re excited to continue to deliver on that commitment by announcing Granular Permissions, a new and improved permission model which allows fine-tuning User access.
Until now, Aptible had a simple but powerful system: read-only or full write-access to a given Environment. The simplicity of this system for role-based access controls enabled developers to avoid more complex and error-prone IAM systems, like AWS’s. As teams scaled on Aptible, we saw some of the ways this system was too simple for complex use cases. Some examples include:
- Providing read-only database access to non-engineers
- Providing limited access to basic operations (such as scaling and restarting) to robots
- Proving least privileged access for security & compliance requirements, such as SOC 2
To make Aptible work even better for teams at scale, we’ve introduced Granular Permissions for Custom Roles. When implementing, we recommend considering the following so you can ensure your team has the right level of permissions:
- What Environments do the Users in this Role need access to?
- What are all the actions the Users in this Role need to perform?
- What information or actions should the Users in this Role not have access to?
“We’ve tested and implemented Tunnel Only permissions. This works great for locking down database access by providing tunnel access without sensitive information like database credentials. It gives us much more flexibility in what we can do!” - DevOps Engineer @ Further
Managing Roles & Permissions
Users are assigned Roles which define the level of access they have within your Aptible account. The three types of Roles on Aptible:
- Account Owners: Can manage all resources + invite and manage Users and Roles + view all billing details
- Aptible Deploy Owners: Can manage all resources + invite and manage Users and Roles
- Custom Role: Can perform actions defined by permissions set on a given Role. Note: There is no limit to how many Custom Roles you can create.
TIP: As you scale your team, Custom Roles become more useful for maintaining least-privileged access. Since Roles define what Environments Users have permissions to, we highly recommend multiple Environments to design a least-privileged access principle.
To give Users read permission to a given Environment, you can assign one of the following permissions:
- Basic Visibility: Can read basic information
- Full Visibility (formerly Read): Can read basic information + App Configurations
To give Users write permission to a given Environment, you can assign the following permissions:
- Environment Admin (formerly Write): Can perform any action within the environment (all of the below).
- Deployment: Can create and deploy resources
- Destruction: Can destroy resources
- Ops: Can create and manage Log and Metric Drains, and restart and scale resources.
- Sensitive Access: Can see and manage sensitive values such as configuring Apps, viewing Database Credentials, and managing Certificates.
- Tunnel: Can tunnel into Databases but cannot see Database Credentials.
TIP: You can also set up monitoring for key security events like Database Tunneling and SSH Sessions. Read more about how we’ve achieved that within our own systems.
Want to see a new permission be added in the future? Let us know!
For a comprehensive list of what’s next with Aptible, and to request features that would benefit your growing team, visit our roadmap.
A Fresh Look at Aptible’s UI
A good user interface (UI) is not just about aesthetics. It plays a pivotal role in the overall developer experience. A thoughtfully designed UI abstracts away the complexity of the underlying systems and delivers intuitive interaction, clear visuals, and seamless navigation. And ultimately enables developers to focus on what truly matters: building, testing, and deploying quality code.
Deploy a Shirt 👕
For any first time users, simply sign up for Aptible, deploy your first application, and you’ll receive a t-shirt.
Building a logging infrastructure that supports separation and isolation: The long journey toward log drains
Centralized logging isn’t a novel feature, but that doesn’t make it easy to build. It’s complex, tends to require a lot of iteration, and early architecture decisions can have long-term consequences you didn’t anticipate.