Spyderbat User and Role Management Overview
Learn about creating, modifying and deleting users, as well as assigning access permissions and privileges, in the Spyderbat UI.
Published: July 20, 2023
You have set up your organization in the Spyderbat UI, maybe even installed a few Spyderbat Nano Agents. It is time to invite additional team members and set up their login credentials as well as access permissions. In this article we are going to cover the user and role management within your organization.
If you are the Spyderbat Organization owner, then by default you will be set up with Admin level permissions and therefore will have access to the Admin section of the console, located at the bottom of the left hand navigation panel:
Only Admins are able to see this section in the UI. No other user role grants access to Organization Management options.
Here you are able to perform standard user management activities, as such as:
- Invite new users
- Remove existing users
- Change user roles
If you are an organization Admin and would like to grant access to the Spyderbat UI to other users, you can do so by populating the user’s email address and selecting a role that they should be assigned from the Roles drop-down:
Once the desired selections have been made, click “Add User” and you will see their email address and role come up under Accounts below and a confirmation will pop up:
The user will then receive an email confirmation letting them know they have been added by you to your organization in the Spyderbat console.
To remove a user from the Organization, the Admin must hover over the row with the user ’s email address and click the “delete” icon next to it:
A confirmation will pop up that the user has been removed successfully:
No notification email will be sent to the user to let them know they have been removed from the organization.
Once the user has been removed, if they had an active session at the time of removal, they will immediately see the following page:
There are four distinct roles to choose from in every organization in the Spyderbat platform that are available to help manage access to different parts of the UI as well as define permissions associated with managing the monitoring scope, the collected data and the data consumption methods.
The roles offered today are:
- AdminUsers with this role are able to access all sections of the UI and have Read, Edit and Delete permissions where these actions are available. Admins are also able to manage users and access by inviting new users into the organization, deleting existing users or upgrading/downgrading user privileges by changing the assigned roles.As a best practice recommendation, you should not have a lot of users with the Admin role in your organization and should likely be limited to 1-2 users
- Power UserThis user will have full access to all sections of the UI (except for organization and user management) and have Read, Edit and Delete permissions where these actions are available.
- Agent DeploymentThis role is intended for an onboarding engineer(s) who will be responsible for installing Spyderbat Nano Agents on the hosts (VM’s and K8s clusters) that are part of the organization’s monitoring scope. These users can access Sources and agent Health sections of the Spyderbat UI and have access to agent install scripts and commands.
- Read OnlyThis role is self explanatory. Users with Read Only access are able to see all sections of the UI, except for the Admin section. They can view dashboards, all monitoring and other metadata collected by the Spyderbat Nano Agents in the Sources and Agent Health sections, as well as view process and K8s investigations and share permalinks. They will not be able to make any changes to the data, like change source names, or archive offline sources, for example.
If you are an organization Admin, you are able to change user roles of your organization members in the Admin → Organization Management section. To modify a user’s role, you need to click on the Roles drop-down, select the new role, deselect the existing role and click “Save”:
Note: if you do not deselect the existing role, then the user will be saved with both roles associated with their account and the higher-permission role will prevail in that case: