Sign inTry Free

How to Use SingleStore Helios RBAC

On this page

The following sections outline the steps for using RBAC at the Organization and Workspace group levels.

RBAC can be configured by using the User Management tab under the Deployments Page in the Cloud Portal

Organization Level

SingleStore offers different organizational level access for users in the Shared, Standard, and Enterprise editions.

For Users in Shared Edition

Invite New Users

  1. Navigate to the Users & Teams option from the Organization menu at the top.

  2. Select Add Member.

  3. Enter the new user's email address and then select the default team that this member should be invited to. 

  4. By default, every user invited to the organization is added to the Organization Owners team and assigned the Owner role.

  5. To change or add roles for each user, navigate to Teams, then select the team the user needs to be part of in the organization.

  6. Select Edit Team, select the user from the list, and then select Update Team.

Create a New Team

  1. Navigate to the Users &Teams option from the Organization menu at the top.

  2. Switch to the Teams tab.

  3. Select Create New Team.

  4. Add the details for Team Name and Team Description.

  5. Select default members in the team.

  6. Select Create Team to complete the creation.

Update the Members of Existing Teams

  1. Navigate to the Users & Teams option from the Organization menu at the top.

  2. Switch to the Teams tab.

  3. Select the ellipsis (three dots) in the Actions column and select View Team. Alternatively, you can directly select the Team Name in the first column.

    • Select Edit Team on the top right.

    • Add or remove existing members of the team as required.

    • Select Update Team to save changes.

For Users in Standard and Enterprise Editions

Invite New Users

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Select Add User.

  3. Enter the new user's email address in User Email and then select the team from the Teams list that this user should be invited to. Selecting the team is optional.

  4. By default, every user invited to the organization is added to the Organization Owners team and assigned the Owner role.

  5. To change or add roles for each user, navigate to Teams, then select the team the user needs to be part of in the organization.

  6. Select Edit Team, select the user from the list, and then select Update Team.

Create a New Team

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Teams tab.

  3. Select Create New Team.

  4. Add the details for Team Name and Team Description.

  5. Select the users in the team.

  6. Select Create Team to complete the creation.

Update the Users of Existing Teams

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Teams tab.

  3. Select the ellipsis (three dots) in the Actions column and select View Team. Alternatively, you can directly select the team name in the Name column.

    • Select Edit Team on the top right.

    • Add or remove existing users of the team as required.

    • Select Update Team to save changes.

Custom Role

Note

This is a Preview feature.

Create a Custom Role

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Roles tab.

  3. Select Create Custom Role.

  4. In the Create Role dialog box,

    • Enter the Name and Description of the role.

    • Select the resource among Organization, Workspace Group, Team, and Secret for which you want to create the role.

    • Set the permissions for the role based on the selected resource.

    • Select Create Role to complete the creation.

Edit a Custom Role

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Roles tab.

  3. Select Custom from the Role list to edit the role.

    • Select the role name in the Name column.

    • Select Edit Role.

    • Update the Description and set new permissions.

    • Select Update Role to save changes.

Delete a Custom Role

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Roles tab.

  3. Select Custom from the Role list to edit the role.

  4. Select the role name in the Name column.

  5. In the Actions column, from the ellipsis (three dots), select Delete Role.

Role Management

You can add or revoke both pre-defined and custom roles.

Add a Role for a User

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Users tab.

  3. Select a user in the Name column.

  4. Select the resource among Organization, Workspace Group, Team, and Secret for which you want to add the role.

  5. Select Add Role. Add Role For <Resource> dialog appears.

  6. Follow the actions for different resources:

    Resource

    Action

    Organization

    • Select a role from the Role list.Select Add Role to add a role in the organization.

    • Select Add Role to add a role in the organization.

    Workspace Group

    • Select a workspace group from the Workspace Group list.

    • Select a role from the Role list.

    • Select Add Role to add a role in the workspace group.

    Team

    • Select a team from the Team list.

    • Select a role from the Role list.

    • Select Add Role to add a role in the team.

    Secret

    • Select a secret from the Secret list.

    • Select a role from the Role list.

    • Select Add Role to add a role in the team.

Revoke a Role for a User

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Users tab.

  3. Select a user in the Name column.

  4. Select the resource among Organization, Workspace Group, Team, and Secret for which you want to revoke the role.

  5. Find the role you want to delete.

  6. In the Actions column corresponding to the role you want to delete, select the trash bin icon.

  7. Select Revoke to revoke/delete a role.

Add a Role for a Team

You cannot add roles on default teams. Roles can only be added in created teams.

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Teams tab.

  3. Select a team in the Name column.

  4. Select the resource among Organization, Workspace Group, Team, and Secret for which you want to add the role.

  5. Select Add Role. Add Role For <Resource> dialog appears.

  6. Follow the actions for different resources:

    Resource

    Action

    Organization

    • Select a role from the Role list.Select Add Role to add a role in the organization.

    • Select Add Role to add a role in the organization.

    Workspace Group

    • Select a workspace group from the Workspace Group list.

    • Select a role from the Role list.

    • Select Add Role to add a role in the workspace group.

    Team

    • Select a team from the Team list.

    • Select a role from the Role list.

    • Select Add Role to add a role in the team.

    Secret

    • Select a secret from the Secret list.

    • Select a role from the Role list.

    • Select Add Role to add a role in the team.

Revoke a Role for a Team

  1. Navigate to the Users & Permissions option from the Organization menu at the top.

  2. Switch to the Teams tab.

  3. Select a team in the Name column.

  4. Select the resource among Organization, Workspace Group, Team, and Secret for which you want to revoke the role.

  5. Find the role you want to delete.

  6. In the Actions column corresponding to the role you want to delete, select the trash bin icon.

  7. Select Revoke to revoke/delete a role.

Workspace Group Level

Invite New Users

  1. Navigate to Deployments in the left navigation pane.

  2. Select the workspace group that you want to invite the user to.

  3. Select the User Management tab. 

  4. Select Add Members.

  5. In the Add Member to Workspace group dialog box, fill in the details.

  6. Select User or Team from the list, select a user or the team from the list, and select a role. This applies to the workspace group-level roles that need to be added.

  7. Select Add Members to save the changes.

  8. You will be able to see the member or team added.

Update Members in an Existing Workspace Group

  1. Navigate to Deployments in the left navigation pane.

  2. Select the workspace group from the workspace group list that you want to invite the user to.

  3. Select the User Management tab. 

  4. Select the ellipsis (three dots) in the Actions column and then select Edit Roles next to the user to change the role of the user. To remove the user’s access from the workspace group completely, select Revoke all Roles.

  5. In the Edit Roles, change the role for the user. 

  6. Select Update to save the changes.

Enabling RBAC for New and Existing Organizations

RBAC is enabled for all Organizations.

Pre-defined teams are created and granted common roles when RBAC is enabled. These teams include Organization Owners, Organization Billing Administrators, Organization User Administrators, Organization Operators, Organization Writers, and Organization Readers.

For new organizations, the initial users will be added to the Organization Owners team, which grants full access to all user actions. For existing organizations, users will be added to the Organization Owners teams, allowing those users continued access to any user actions. Any user in the Organization Owners team can reassign other users in the team to different teams to limit their access.

New users can be invited to join any team(s). Inviting a new user to join the Organization Owners team immediately grants them access to all resources in the organization. Inviting a new user without specifying a team adds them to the default members team, which makes them a member of the organization, but grants no specific access beyond the ability to login to the portal and navigate to the options available.

When users are added to an organization or a workspace group, synchronization takes place in the engine and they are added to the corresponding user groups in the backend.

Last modified: December 6, 2024

Was this article helpful?

On this page

Was this article helpful?