Overview #
Understanding Taikun’s User Types is important as it will determine the privileges and permissions that each user has within your structure. There are three main roles that we will be covering: User, Manager, and Partner.
User
Users are the most basic type of user on our platform. They have the least amount of privileges and are typically used for accessing and interacting with the platform on a basic level. Users are able to perform tasks such as viewing Projects, monitoring their health, and accessing them via Kubeconfig files.
Manager
Managers have more privileges than users and are typically responsible for managing an Organization within Taikun. In addition to the privileges that users have, managers are also able to create and manage Credentials, assign Projects to team members, and install Applications to clusters.
Partner
Partners have the most privileges of all three user roles. They typically have a strategic relationship with our company and are able to access advanced features and resources within the platform. Partners are able to create and manage multiple Projects and Organizations, as well as access Billing information and additional reporting tools.
Recommendation #
Taikun also has Owner User which can be assigned only to one member of an account. Owner Users have the full set of permissions similarly to Partner and are also granted additional access to management of payments.
Below you can find the table describing the rights of each user type in Taikun.
Permissions by User Type #
Managing Projects
| User | Manager | Partner | |
|---|---|---|---|
| Create a cluster | ✔ | ✔ | ✔ |
| Manage Kubernetes | ✔ | ✔ | ✔ |
| Add Servers to Projects | ✔ | ✔ | ✔ |
| Add VMs to Projects | ✔ | ✔ | ✔ |
| Repair Projects | ✔ | ✔ | ✔ |
| Create/delete Kubeconfig | ✔ | ✔ | ✔ |
| Share Projects | – | ✔ | ✔ |
| Delete Projects | – | ✔ | ✔ |
| Bind Flavor to Projects | – | ✔ | ✔ |
| Bind Image to Projects | – | ✔ | ✔ |
| Install Applications | – | ✔ | ✔ |
| Lock/Unlock Projects | – | ✔ | ✔ |
| Assign Projects | – | ✔ | ✔ |
| Adding Cloud Credentials | – | ✔ | ✔ |
| Project Quotas | – | ✔ | ✔ |
| Enable/Disable Backup | – | ✔ | ✔ |
| Enforce Policies | – | ✔ | ✔ |
| Attach/Detach Alerting Profile | – | ✔ | ✔ |
| Access Project History | – | ✔ | ✔ |
| Configure Backup Policy | – | ✔ | ✔ |
Monitoring Projects
| User | Manager | Partner | |
|---|---|---|---|
| Access Project Monitoring | ✔ | ✔ | ✔ |
| Enable/Disable Monitoring | – | ✔ | ✔ |
| Access Servers overview | – | ✔ | ✔ |
| Enable Slack notifications | – | ✔ | ✔ |
| Use Ticketing system | – | ✔ | ✔ |
Credentials and Profile Management
| User | Manager | Partner | |
|---|---|---|---|
| Add/delete Cloud Credentials | – | ✔ | ✔ |
| Add/delete Backup Credentials | – | ✔ | ✔ |
| Add/delete Showback Credentials | – | ✔ | ✔ |
| Add/delete Kubernetes profiles | – | ✔ | ✔ |
| Add/delete Access Profiles | – | ✔ | ✔ |
| Add/delete Alerting Profiles | – | ✔ | ✔ |
| Add/delete Policy Profiles | – | ✔ | ✔ |
| Add/delete Standalone Profiles | – | ✔ | ✔ |
Security
| User | Manager | Partner | |
|---|---|---|---|
| Access Audit Log | – | ✔ | ✔ |
| Configure KeyCloak | – | ✔ | ✔ |
| Issue API tokens | – | ✔ | ✔ |
Account Management
| User | Manager | Partner | |
|---|---|---|---|
| Add/delete users | – | ✔ | ✔ |
| Manage Organizations | – | – | ✔ |
| Access Billing Information | – | ✔ | ✔ |
