Every organization has at least one owner. It can also have members and viewers.
Aserto manages the following artifacts for an organization:
- Connections - these are connections to external systems such as source code control systems and identity providers
- Policies - these are references to git repositories that store authorization policies
- User Directory - these are the users that Aserto has synched from one or more connected identity providers
Naturally, Aserto uses Aserto for authorization, using a simple role-based access control (RBAC) model.
The roles that Aserto supports:
- Owner: can perform all operations on an organization, including inviting other viewers, members, and owners, as well as reset the role of another member of the organization
- Member: can perform all operations on an organization except inviting others to the organization or managing organization membership
- Viewer: allowed to see all organization information, but not create or edit any organization artifacts
The Aserto policy for the Aserto API can be found here.
Learn more about how to manage Aserto organizations using the Aserto Console.