Skip to main content

Aserto Organizations

The organization provides the context for the artifacts that are managed by Aserto - connections, policies, and the user directory. You can think of it like a GitHub organization.

Every organization has at least one owner. It can also have members and viewers.

Artifacts#

Aserto manages the following artifacts for an organization:

  • Connections - these are connections to external systems such as source code control systems and identity providers
  • Policies - these are references to git repositories that store authorization policies
  • User Directory - these are the users that Aserto has synched from one or more connected identity providers

Role-based access control#

Naturally, Aserto uses Aserto for authorization, using a simple role-based access control (RBAC) model.

The roles that Aserto supports:

  • Owner: can perform all operations on an organization, including inviting other viewers, members, and owners, as well as reset the role of another member of the organization
  • Member: can perform all operations on an organization except inviting others to the organization or managing organization membership
  • Viewer: allowed to see all organization information, but not create or edit any organization artifacts

The Aserto policy for the Aserto API can be found here.

Learn more about how to manage Aserto organizations using the Aserto Console.