Role Based Users and Accessibility

RBAC is a critical component of a secure and efficient observability strategy. It allows you to control who can access and interact with sensitive monitoring data, ensuring security, compliance, and operational efficiency. By implementing RBAC, organizations can protect their data, streamline operations, and improve collaboration across teams.

Users belong to a whole organization and not just to specific tenants. Access to multiple tenants within the same organization is possible. This way there will be more control over data and its seggregation.

Benefits

  • Improved Security
  • Compliance with Regulations
  • Operational Efficiency
  • Reduced Risk of Human Error
  • Scalability
  • Auditability and accountability

Role: IT Admin, Developers, SREs, and DevOps.

Managing roles

Billing admin role

The Billing admin user is the super user and is created by Rakuten Customer Support along with tenants within an organization. This user can see all the available tenants within an organization by clicking the tenant drop-down list available on the SixthSense portal's home page.

note

The Rakuten Customer Support team can create multiple Billing admin users.

As a Billing admin user, you can navigate to Settings > User & role administration to create roles and users. For more information, see Creating a customised role and Creating a user.

note

As a Billing admin user, you cannot edit or delete self or any other Billing admin user. You can manage other customised users by editing or deleting them. For more information, see Managing users.

The Billing admin user (super user) can see the following two kinds of default roles already created. To create additional roles, see Creating a customised role.

Default Roles

Platform Admin role

The user with this role is a tenant level admin and can perform the following tasks:

  • Provides Read/Write access to all the capabilities within a single tenant.
  • Does not have any privilege to perform user or role management (only Billing admin role).
  • Gives Read/Write access to all the capabilities within a single tenant.

Platform Read-only role

The user with this role can read all the data for all capabilities within a single tenant but cannot edit/write i.e. make any configuration changes.

note

This user will not have access to User & role administration tab.

Custom role

You can add/customise roles at the tenant level. For more information, see the following section.

Creating a customised role

By default the All roles tab is selected. You can create a normal role (single tenant) or create a group role (multi-tenant). To create group roles which is a combination of roles, see Creating group roles.

  1. Navigate to Settings on the left pane from the SixthSense Observability portal page.
  2. Click the User & role administration tab.
  3. Select Role creation.
  4. Click + Add role.
  5. In the Add role screen do the following:
FieldDescription
Role nameA name for the role.
CapabilitiesSelect capabilities that you want the user to have access to.
  1. Select any or all the access check boxes next to the available capabilities and click Ok or click Customise to customise the access for each application.
note

Accesses such as Read, Edit, Alert read, and Alert write are available. You can customise accesses for applications within each capability.

  1. Click Save.

Creating group roles

Group roles are multi-tenant roles which are created at an organisation level. This helps assign a group role for all the selected tenants and its users.

  1. Click + Add group role from the Role creation page.
  2. Enter the group name.
  3. Select the toggle button to make it default. While creating a user the default group name will auto-populate.
  4. Select the tenants listed in the drop-down.
  5. Select the roles (either the default roles or customised roles) for each tenant listed.

Creating a user

Rakuten Customer Support creates a Billing Admin role while configuring a tenant and organisation. For creating more users to access the SixthSense application, use the following procedure.

  1. Navigate to Settings on the left pane from the SixthSense Observability portal page.
  2. Click the User & role administration tab.
  3. Click + Add user.

The add user screen appears.

Add User screen
  1. In the Add user screen, enter the following details.
FieldDescription
First nameUser’s first name.
Last nameUser’s last name.
EmailUser’s email address.
Select group roleSelect a group role. Note that if you have selected a group role as default, this field is prepopulated with that role.
Select roleUser’s role you want to assign. Note that you can create a user without attaching a role.
  1. Click Save.
  2. A random password is generated for the first time.
  3. Click Copy to copy the password which you can share with the user.

Managing users

You can either edit or delete a user that you have created from the All users page using the ellipse icon.

Assigning roles

You can assign users in bulk to a tenant or multiple tenants.

  1. From the All users page, click Assign role.
  2. In the Assign role page, select the users.
  3. Select a group role or any role and click Save.