User and role management

Learn ways to manage users and roles in Cloud Observability.

Overview

Cloud Observability offers several ways to manage users and roles. The different features and integrations give you the following:

• Flexibility - Integrate with your tools – for example, Azure AD, Okta, or OneLogin – to manage users and roles in Cloud Observability.
• Security - Control user access with role-based access control (RBAC) and let Identity Providers (IdPs) authenticate users through single sign-on (SSO).
• Efficiency - Manage users and roles at scale with Just-in-Time (JIT) provisioning, the Cloud Observability API, Okta and System for Cross-domain Identity Management (SCIM), or Terraform.

Features and integrations

This section lists Cloud Observability’s features and integrations for managing users and roles. The information is organized by function and links to setup guides to help you get started.

Not sure where to start? Visit Plan your workflow for four common setups.

Authenticating users

To securely manage Cloud Observability users, use SSO or manually invite users in the Cloud Observability UI.

With SSO, an IdP – for example, Okta – authenticates users. Users then log into Cloud Observability with their IdP credentials. Cloud Observability supports SSO with OAuth2 and SSO with Security Assertion Markup Language (SAML).

Creating users

Cloud Observability has several options for creating Cloud Observability users.

If you’re using SSO, automate user creation with JIT provisioning or use Okta and SCIM. You can also create users in bulk with the Cloud Observability API.

If you’re not using SSO, create users by manually inviting them in the Cloud Observability UI.

Assigning roles

RBAC lets you manage what users can do in Cloud Observability through roles and permissions. There are several ways to work with Cloud Observability’s RBAC.

If you’re using SSO, auto-assign a default role to new users with JIT provisioning or Okta and SCIM. You can also assign roles in bulk with Terraform.

If you’re not using SSO, assign roles in the Cloud Observability UI.

Deleting users

To securely delete Cloud Observability users, use the Cloud Observability API or Cloud Observability UI.

Plan your workflow

There are many ways to manage users and roles in Cloud Observability. The chart below shows four common workflows, covering SSO, creating users, assigning roles, and deleting users.

See also

Roles and permissions

Set up JIT provisioning

Manage users and roles

Updated Aug 8, 2023