Administration

Overview

Fiddler supports Role-Based Access Control (RBAC) using resources and roles. This documentation outlines the resources, roles, and permissions available in Fiddler, enabling you to manage access control for your organization.

Understanding Resources

Resources are entities within Fiddler that users can access and interact with. There are two main resource types:

Organization Resources

  • Organization: Represents your entire Fiddler setup, including projects and users.

  • Settings: General information, login details, notification settings, and integration configurations.

  • Users: Individual users with accounts in your Fiddler organization.

  • Teams: Groups of users within your organization.

    • Each user can be a member of zero or more teams.

    • Team roles are associated with project roles (i.e. teams can be granted Project Viewer, Project Writer, and/or Project Admin permissions for a project).

Project Resources

  • Projects: Contain models, data, and configurations for a specific ML application.

  • Models: Machine learning models onboarded to Fiddler for monitoring and explainability.

  • Project Settings: Configurations related to project access and user permissions.

  • Alerts: Notifications generated by Fiddler based on monitoring data.

  • Charts & Dashboards: Visualizations of your model performance and data insights.

Understanding Roles

Roles define the level of access a user has to Fiddler resources:

Organization Roles

  • Org Admin: Has access to manage users, teams, projects, and organization settings. However, this role cannot read the details of the projects.

  • Org Member: Limited access to organization settings and cannot create projects.

Project Roles

  • Project Admin: Manages all aspects of a project, including models, settings, alerts, and user access (except deleting the project).

  • Project Writer: Can view and edit most project details (models, settings, alerts), but cannot delete the project or invite other users.

  • Project Viewer: Can view project details and model content but cannot edit anything except charts and dashboards (read-only access).

Understanding Permissions

Permission types

Permission types are used in combination with resources and roles to define the access control rules in Fiddler. Fiddler's RBAC access control uses the following permission types to define the level of access a user has to resources:

  • List: This permission allows users to view a list of resources, but does not grant access to view details or interact with the resources in any way. For example, a user with the "List" permission for projects can see a list of project names, but cannot view project details or settings.

  • Read: This permission enables users to view details of a resource, but does not grant access to edit or modify the resource in any way.

  • Create: This permission allows users to create new resources, such as projects, models, or alerts.

  • Edit: This permission enables users to modify existing resources, such as updating project settings or editing model configurations.

  • Delete: This permission allows users to delete resources, such as deleting a project or a model.

Organization Level permissions

  • Org Admin: Full access to organization settings and resources.

  • Org Member: Limited access to organization settings.

Project Level permissions

An “Org Admin” or “Org Member” user can have the below access to the Projects

  • Project Admin: Full access to project resources.

  • Project Writer: Limited access to project resources, excluding deletion and user invitation.

  • Project Viewer: Read-only access to project resources.

Getting Started

  • The default "Org Admin" role is created during Fiddler installation.

  • Assign roles to users and teams to control access to resources.

  • Use the permissions matrix to understand the access levels for each role.

Click here for more information on teams.

Last updated

© 2024 Fiddler Labs, Inc.