Docs menu
MENU

Managing Access Control

The Access Control section provides information about users who have access to the admin panel. Also, it contains the Audit Log subsection with the list of actions these users have performed.

Access Control

Go to the Access Control section to view a list of accounts that can access the admin panel. If needed, use the Search field within the tools panel to locate the required user quickly.

admin access control

Below, we’ll overview how to:

access control tools panel

Add New User Account

Click Add from the tools panel and provide the following data in the appeared form:

  • Login - email address of a user to be granted admin panel access (must be already registered on the platform)
  • Role - account permission, which can be selected from the list:
    • view - allows accessing the admin panel in the read-only mode
    • admin - provides full access to the platform features and admin permissions for API calls
Note: The owner and reseller roles cannot be assigned manually to a user account.

access control add admin

Click Add to assign a role to the account.

Now, it can be used for logging into the admin panel with the same password, which is used to access the user’s dashboard.

Edit Access Level

To edit the access permissions for an account, double-click the appropriate line or select it and click Edit on the tools panel. Change the Role in the opened dialog:

access control edit admin

Note: You cannot edit the owner, reseller, and current accounts.

Remove Existing Admin User

Select the undesired admin panel user within the list and click Remove.

access control remove admin

Confirm your decision to delete the permissions to access and manage the admin panel for the account.

Manage Mandatory 2FA for Admins

It is recommended for cluster admins to configure two-factor authentication (2FA) as an extra layer of protection from unauthorized access. To set 2FA as an obligatory requirement for admins, use the Access Control > Actions:

  • Enable/Disable Mandatory Two-Factor Auth - allows turning on/off the mandatory 2FA for cluster admins.

    enable mandatory two-factor authentication
    Within the appeared dialog, you can configure a delay for a few days for existing users before restricting access, as well as send the appropriate notifications. Also, it is possible to select Trusted Users (accounts that can skip mandatory 2FA).

  • Manage Trusted Users (displayed for the enabled 2FA only) - allows selecting trusted users from the automatically fetched list of admin accounts to skip the mandatory two-factor authentication for them.

    manage trusted users

The current state of the 2FA feature for a particular user can be seen in the Two-Factor Auth column.

Audit Log

Open the Access Control > Audit Log section to see the table with information about the actions performed by the admin panel users:

  • Start/End Time (UTC) - operation time frame
  • User ID - unique identifier of the account, which executed the action (click to locate within the Users section)
  • Service and Method - platform API service and method used for the action
  • Data - parameters of the performed operation (hover over and click the info icon for the full view)
  • Duration - time to complete the action
  • Result - an outcome of the operation (either Success or the appropriate error)

admin audit log

You can locate the needed information using the following filters:

  • Period (start and end date) of the operations
  • Search to locate records with matching data
  • User ID of the account to show the logs for
  • Service to locate an execution of a particular API (Service + Method)

When the needed parameters are specified, click Search to display information.

What’s next?