Announcing role based access control for API keys for more control over automation
Note: Team-level API keys will continue to function until 6/15/2021, at which point Gremlin will only support user-level API keys. Please migrate your existing API keys to user-level API keys by logging into the Gremlin web app and clicking Account Settings. Please contact us if you need assistance.
Today, Gremlin is excited to announce the ability to create an API key that can perform actions with the same set of permissions as your user account. This allows you to automate Gremlin tasks safely and securely.
Gremlin has always enabled an API-first approach to the product. Customers use our existing API keys to automate creating, starting and halting chaos experiments. As Chaos Engineering is onboarded into enterprises, users need to automate all aspects of Gremlin so they can focus their efforts on improving the reliability of their service rather than system administration. With RBAC for API keys, each API key now shares the same permissions as the user who created it.
Enabling more API automation
API keys are currently used mainly to automate chaos experiments. With this release, we’ve greatly expanded the types of automation available to API keys to include adding and removing users, managing agent certificates and secret keys, and generating reports, in addition to running chaos experiments.
Stronger security controls
API keys are now associated at the user level, enabling you to create service accounts that follow the principle of least privilege and comply with your security requirements. This makes it easier for security teams to revoke API keys when an employee leaves the company without impacting other automated workflows.
More visibility into team activities
Company Managers have complete visibility into the creation and usage of API keys. This enables them to see which API keys are being created and used by their organization, which user created which key, and when a key was last used.
Migrate your API keys today
With this release, we will be deprecating team-level API keys in favor of user-level API keys. You can continue to use, revoke, and reinstate your existing API keys, but any newly created API keys will be created at the user level. Start migrating your API keys by signing into your Gremlin profile and generating a new key. If you haven’t yet created API keys, this is the perfect time to jump start your reliability program through automation.
Gremlin's automated reliability platform empowers you to find and fix availability risks before they impact your users. Start finding hidden risks in your systems with a free 30 day trial.sTART YOUR TRIAL
What is Failure Flags? Build testable, reliable software—without touching infrastructure
Building provably reliable systems means building testable systems. Testing for failure conditions is the only way to...
Building provably reliable systems means building testable systems. Testing for failure conditions is the only way to...Read more
Introducing Custom Reliability Test Suites, Scoring and Dashboards
Last year, we released Reliability Management, a combination of pre-built reliability tests and scoring to give you a consistent way to define, test, and measure progress toward reliability standards across your organization.
Last year, we released Reliability Management, a combination of pre-built reliability tests and scoring to give you a consistent way to define, test, and measure progress toward reliability standards across your organization.Read more