18 Jan 2016

Launched: Custom Roles

New permission system launches with custom roles, providing teams with fine-grained access control to everything in LaunchDarkly.

We’re happy to announce the beta launch of Custom Roles!  You will now be able to customize permissions for each of your team members.  This system enhances LaunchDarkly’s basic permission system by providing comprehensive and fine-grained access control for our enterprise customers.

One of the most common requests for us at LaunchDarkly has been the ability to lock down access to feature flags in production. Over time, though, we started hearing other needs:

  • “My ops team should be able to access infrastructure flags, but my product managers need to manage experiments”
  • “My QA team should have full control over my test environments, but they don’t need to create feature flags”

We realized that we needed to build an access control system flexible enough to work with a team’s desired workflow, but simple to administer and use. That’s why we built a new custom roles feature, inspired by IAM, Amazon’s enterprise-grade access policy engine.

The Power of Custom Roles

  • Lock your production environment down to a small set of trusted users
  • Distinguish infrastructure-level feature flags (controlled by your DevOps team) from experiments (controlled by product management or marketing)
  • Allow QA members to control feature flags on designated QA environments only

Features

  • Basic Permission System
    • Global access control levels for team members based on a set of built-in roles
    • Only supports Reader, Writer, Admin, and Owner
  • Enterprise Permission System with Custom Roles (NEW) 
    • Inspired by AWS Identity and Access Management (IAM)
    • Create custom policies for fine-grained control over everything in LaunchDarkly — from feature flags to goals, environments, and teams
    • Create unlimited custom roles for complete access control
    • Assign one or more custom roles to each team member, or use any of the features in the basic permissions system
    • Available only for enterprise customers (Contact sales@launchdarkly.com to learn more)

 

How It Works

– Your teammates can now have both basic and custom roles.  In this example, “Sasha Baker” has the roles “QA Team” and “Restricted”.

Feature Flags Custom Roles LaunchDarkly

 

– Click on any teammate to manage his or her roles.  In this example, “Sasha Baker” has been assigned the custom roles “QA Team” and “Restricted”.  You have the option of assigning global roles (Reader, Writer, Admin) or custom roles (Ops Team, QA Team, Restricted + any other roles you create).

customroles_edit

 

– Click the “Roles” tab to view your custom roles or create new ones.  You may create as many roles as you like.

LaunchDarkly Feature Flags Custom Roles

 

– Add a custom policy to your role. See our documentation for details.

LaunchDarkly Feature Flags Custom Roles Policy

Getting Started

  • Custom roles is in beta and only available to enterprise customers.  If you’re interested in access to the beta, contact us at team@launchdarkly.com
  • Our documentation provides detailed instructions on implementing custom roles for your team

Share with:

FacebookTwitterGoogleLinkedInReddit


Justin Baker
Lead Product Designer at LaunchDarkly

As a designer who can code, Justin can empathize with a developer’s workflow and design intuitive interfaces to address extremely complex functionality. He has built dozens of user interfaces for high-traffic applications — winning the Best of California IT Design award in 2012. He frequently contributes feature flag management and design theory articles to DZone, Tech.co, and DesignerHub. He holds degrees from UC Davis and USC, and is finishing an MS in Information Design at Northwestern. When he’s not making developer’s lives easier, he enjoys tennis, computer games, and writing.