Team accounts with fine grain control
C
Continuing from http://digitalocean.uservoice.com/forums/136585-digitalocean/suggestions/3981054-allow-team-accounts, that is great for multiple developers.
However, I would like to set a billing contact from our finance department who is not a developer and I don't want to give access to anything but billing.
As well as that, I am sure there are other use cases were a team lead might want to do one of the following:
- restrict access to certain servers to certain users
- or have an infrastructure employee restrict dev servers to developers, staging servers to devs and testers, and then prod/live to minority of devs, for example
Sum up:
- Ability to assign finance, infra (for downtime, maintenance work etc.), account super admin users with different abilities.
- Ability to assign a users to a account group.
- Ability to restrict droplets to certain users or user groups, and then that users abilities can be view, edit/view, or all access.
Thanks!
W
Whitney Jutzin
Thank you so much for taking time to raise this product improvement idea to us! Though we are still working on the true ask here, we wanted to let you know that we have made some scoped access improvements that we think you'll be interested in trying out. You can learn more about it here: https://docs.digitalocean.com/reference/api/create-personal-access-token/ We will continue to work on the larger request in this Idea and will update you as soon as we have more information to share.
Merged in a post:
Custom Roles with permissions
S
Santiago Mendoza
Allow to add custom roles with permissions.
Something like:
Admin: Will have permissions to manage droplets, billing and support.
Billing: Will have permissions to billing only, and support.
Dev: Will have permissions to see metrics and droplet info, but not to manage them.
And go on.
Merged in a post:
More control over permissions for Team Members
N
Nuno Bento
Would be great to more control over permissions when you invite someone to your team. For example:
View only
Access to specific droplet(s)
What permission they have within the droplet(s) - view, resize, destroy, create backups/snapshots, etc...
Merged in a post:
Add ACL Support
B
Brad Berger
Would love to see some sort of ACL functionality. Would be great to allow different users access to droplets, permission to add droplets, etc, on a per user basis. Obviously a more complicated example of this is AWS's IAM.
For Digital Ocean to be a viable option on an enterprise level, or even be a viable option for any business that has more than one or two developers, this would make a big difference.
This post was marked as
open