Administration
From the UI, select "Admin" in the main menu to access adminstration options.
Note
User management is accessible to Sumatra users with Admin status. Anyone can be granted Admin status by an existing administrator, independent of their role.
User management
Select the "Users" tab within "Admin" to manage users.
Add and remove users
| Action | Instructions | Note |
|---|---|---|
| Add user | Select "Add user" on the "Users" tab | |
| Resend invitation | Open the action menu (kebab) in the user table | |
| Reset password | Open the action menu (kebab) in the user table | Only available for non-SSO users |
| Deactivate user | Open the action menu (kebab) in the user table | |
| Delete user | Open the action menu (kebab) in the user table | A user must be deactivated before being deleted |
Tenants
Change which tenant a user is assigned to on the "Users" tab. If you are using your SSO provider to manage tenants and roles, change the assigned tenant through their interface.
Tenants are distinct spaces within your Sumatra instance that are managed via Terraform. Organizations are typically configured with one tenant for "Dev" and one for "Prod".
Role-Based Access Control (RBAC)
Administrators can assign one of three roles to each user to restrict access to sensitive areas of the platform while giving everyone the access they need.
Change which role is applied to a user on the "Users" tab. If you are using your SSO provider to manage tenants and roles, change the assigned tenant through their interface.
| Role | Permission | UI Access | Who it's for |
|---|---|---|---|
| Reader | Read only | Event Feed, Settings, Live Topology, and Dashboard | Non-developer analyst or stakeholder |
| Writer | Write | Everything, except plan/apply and push to prod | Developers + Data Scientists (most users) |
| Publisher | Write + Publish | Everything, including plan/apply and push to prod | Manager / Ops Eng. who can deploy to LIVE |
Admin status
Every user has an admin status that is separate from their role.
Change the admin status for each user on the "Users" tab. If you are using your SSO provider to manage tenants and roles, change the admin status through their interface.
| Admin status | Permissions |
|---|---|
| Admin | Access to the "admin" section of the UI to manage users and SSO |
| None | No access to "admin" tools |
SAML SSO administration
Select the "SSO" tab within the "Admin" section of the UI and follow the instructions to set up SSO. With SSO enabled, tenants and roles can be managed through Sumatra or through your SSO provider.
| Option | Tenant and role management |
|---|---|
| Sumatra | Manage tenants and roles on the "Users" tab of the UI |
| SSO provider | Manage tenants and roles with Google, OneLogin, etc. |
Note
SSO is currently only available to private cloud deployments of the platform. SSO for the fully-hosted platform is coming soon.