Panopta's access control (ACL) functionality gives teams fine-grained controls over the infrastructure team members can view (scope) and specific actions they can perform. The system is driven by roles, which are logical groupings of actions that a user can perform. A user can have one-to-many roles assigned to them - they're designed to be layered on top of one another.


System Roles

Out of the box, Panopta provides a number of default roles that will be more than sufficient for a lot of teams. They are not editable, but you can easily clone and customize them to meet your needs.

Account Admin
Able to perform any activity within Panopta
Server Admin
Able to perform most activities, with the exception of user, integration, and API management, as well as a few other ancillary activities
Dashboard Admin
Full management of dashboards
Dashboard Viewer
Read-only access to dashboards
Incident Responder
Slightly more advanced than a read-only user. Allows the user to view instances, start maintenance, pause monitoring, and a bit more.
Billing Admin
Access to billing only

Add Custom Roles

Teams looking for more fine tuning can leverage custom roles. Custom roles can be comprised of any number of actions that are available in Panopta. For instance, you may want a role that allows a user to view and edit instances, but read-only access for network devices. When creating a custom role, you may choose to either start from scratch or clone an existing role.

Starting from scratch

  1. Navigate to Settings -> Access Control.
  2. Click Add Role.
  3. Name your role and give it a description. Providing a description is not required but is highly recommended
  4. Select any number of actions which your role can perform. Keep in mind, some actions are depended on each other - for example, it doesn't make sense to give someone edit access on an instance but not view access
  5. Hit save. Your role is now ready to use

Cloning an existing role

  1. Navigate to Settings -> Access Control.
  2. Locate the role you'd like to clone. On the right side of the table, click the corresponding 3-dot menu. Click clone
  3. Give your new role a name. If you're a reseller, provide a role scope
  4. Customize your role to your liking
  5. Hit save. Your role is now ready to use