Manage users and roles

Add, delete, and assign roles to users with Cloud Observability, the Cloud Observability API, or Terraform.

The content below is intended for Admins and Billing Admins. For conceptual information about managing users and roles and possible setups, visit User and role management.

In Cloud Observability

Add users

Manually create users on Cloud Observability’s Projects and users page. Once you add a user, Cloud Observability sends them an email inviting them to create an account.

Follow these steps to create a new user:

  1. In Cloud Observability, click Account management > Projects and users.
  2. In the Users tab, click Add new user and fill out the Invite new user panel:
    1. Enter the user’s email address.
    2. Choose the user’s role.
  3. Click Invite user to send the user an email asking them to set their password and sign in.

    The new user appears in the Users tab. You and other Admin or Billing Admin users can change their role if needed.

Change passwords

If you’re using SSO, users can’t change passwords in Lightstep.

If you’re not using SSO, users can change their password. Follow these steps to change your password:

  1. In Cloud Observability, click Account management > Personal settings.
  2. In the Change password section, enter your current password, and then enter and verify the new password.
  3. Click Save changes to finish changing your password. You can now log in with your new password.

Change user roles

Follow these steps to change an existing user’s role:

  1. In Cloud Observability, click Account management > Projects and users.
  2. In the Users tab, find the relevant user and click ⋮ > Edit user.
  3. Choose the new role in the Edit user panel and click Confirm.

Cloud Observability displays <email> roles updated and returns to the Users tab.

Delete users

You can delete a single user or delete multiple users in bulk. Once you delete a user, they can no longer access Cloud Observability.

Follow these steps to delete users:

  1. In Cloud Observability’s navigation bar, click Account management > Projects and users.

  2. In the Users tab:

    • Delete a single user by finding the user, clicking ⋮ > Delete, and clicking Confirm in the dialog.
    • Delete users in bulk by selecting them, clicking Delete selected users, and clicking Confirm in the dialog.

Cloud Observability displays <email> deleted from <organization> and returns to the Users tab.

Set the default role

Cloud Observability assigns the default role to all new users. You can change users’ roles once they’re in the system.

Don’t set the default role to Admin. If you set it to Admin, all new users get full access to Cloud Observability.

  1. In Cloud Observability, click Account management > Projects and users.
  2. In the Settings tab, use the Default role drop-down to select the new role.

Cloud Observability displays <organization> default role updated.

Cloud Observability API

Use the Cloud Observability API to manage users in bulk. The API has two endpoints for creating, deleting, and listing Cloud Observability users.

  • Users - Create, delete, and list Cloud Observability users.
  • RoleBinding - List user roles.

Cloud Observability and Terraform

Use Terraform to manage user roles in bulk. The Terraform lightstep_user_role_binding resource lets you assign or reassign organization and project roles.

See also

User and role management

Roles and permissions

Set up JIT provisioning

Updated Aug 15, 2023