How role-based access control (RBAC) works in Gremlin
Reliability testing and Chaos Engineering are essential for finding reliability risks and improving the resiliency of systems. Gremlin makes it easy to do so, but not every engineer needs access to the same experiments, systems, or services. That’s why we released customizable role-based access controls (RBAC), letting Gremlin customers control which actions your users can perform in Gremlin.
To learn how customizable RBAC works in Gremlin and what it means for your organization, keep reading below.
What is RBAC, and how does it work in Gremlin?
Running tests on systems comes with some inherent risks. To reduce these risks, we’ve built Gremlin with several safety systems in place. These include intelligent health checks, environment isolation between teams, and the ability to halt and revert every type of experiment.
Customizable RBAC takes this a step further by letting you choose which individual actions users can perform. Each user action has a corresponding privilege that can be enabled. These privileges are assigned to different roles, and you can assign one or more roles to your Gremlin users. Privileges are additive: if a user is assigned multiple roles, and at least one of those roles enables a privilege, then the user gains that privilege.
What roles are available out-of-the-box?
Gremlin comes with a set of default roles organized into two categories: Company roles and Team roles. Company roles define privileges for managing a Gremlin company, while Team roles define privileges for actions in a Gremlin team. For example, a Company Manager can add users, set up integrations, view teams, and read reports, but they can’t run experiments. A Team User can create and run experiments in a specific team, but they can’t manage other users in the team.
Configuring roles to meet your organization’s requirements
Every organization has different security and access needs, and your reliability testing should support this. You wouldn’t want engineers on one team to manage another team’s users, or have a company administrator run shutdown experiments. By creating roles with specific privileges, you can prevent these situations by implementing restrictions directly into your Gremlin team structure.
Gremlin’s security model follows the principle of least privilege. This means giving users the fewest privileges needed to accomplish their tasks. Customizable RBAC brings this concept to your Gremlin organization.
As an example, many organizations have centralized platform teams that manage Gremlin as a service for other engineers. Platform engineers don’t need to run experiments, but they do need to manage users, company-level integrations, and teams. For them, the Company Manager role would be the perfect starting place. But for end-user engineers, who will be running experiments, the Team User role is a better fit.
You can also assign multiple roles to a user. For example, you could create a Team Network User role that only lets users run network experiments like blackhole, latency, and packet loss. You could also create a Team Resource User role that does the same for CPU, memory, disk, and I/O. To grant these privileges, you’d first assign a role with minimal privileges, like Team Viewer. Adding a role like the Team Network User role adds the new privileges on top of the existing ones. They effectively “stack” on each other, creating the user’s complete access profile. You can view this profile by editing the user’s roles from the Members page in Team Settings.
Assigning default roles
If you want to apply a specific role to all users in your company or team, you can do so by setting it as a default role. Default roles can be set for your Company (impacting all users), or for individual Teams (impacting only users in that team). You can also set a default Team Role at the company level, which will apply to teams that don’t have a default role set. Default team roles can be overridden at the individual team level by using the team’s Initial Role. This Initial Role is automatically granted to all users of the team independent of other roles, and can be considered as the team’s baseline access.
To understand how this works: each Company has a default Company role, and a default role for Teams. All users inherit the default Company role. Individual Teams can set their own default roles, which overrides the Company-level Team default. You can also assign roles to users individually.
What if I don’t want to create custom roles?
If you don’t want to go through the process of creating and managing roles, you don’t have to! Gremlin still comes with several default roles for both teams and companies. These are identical to how roles worked before we released custom RBAC, and provide the same privileges.
Learn more
Custom RBAC is available for all Gremlin users. To learn more, connect with our team for a personalized demo.
Gremlin's automated reliability platform empowers you to find and fix availability risks before they impact your users. Start finding hidden risks in your systems with a free 30 day trial.