How RBAC can level up your Chaos Engineering

Tammy Butow
Principal SRE
Last Updated:
August 15, 2019
Categories:
Chaos Engineering
,

Introduction

RBAC (Roles-based access control) is a way to restrict access to certain functionality of your Chaos Engineering software. Here at Gremlin we recently released a new RBAC feature for Gremlin. RBAC is available for all Gremlin customers. Gremlin Pro customers will have more features and flexibility provided by RBAC. This enables you to ensure every Chaos Engineering practitioner at your company has the correct level of permissions for running attacks, managing users and teams, as well as configuring account settings.

Prerequisites

Before you begin this tutorial, you’ll need the following:

Step 1 - Creating a Team in Gremlin

In this step, you’ll create a new Team within Gremlin.

First, open Gremlin Company settings and ensure you have selected Gremlin Company Teams.

Next click Create Team.

create gremlin team

Now you will be able to create your team. Choose a name, for example, the team name could be SRE.

gremlin rbac name team

Next, determine which members you would like to add to your team. Here I have selected to invite Ana and Rich to my SRE team:

gremlin rbac add team members

Step 2 - View and Edit Member Roles in a Gremlin Team

In this step, you’ll edit the member roles for users in a Gremlin Team.

First, click on the three dots to the right of Ana’s name and then click Edit Roles.

gremlin rbac view team

Now we can view and Edit Team roles for Ana.

gremlin rbac edit role

Ana is currently a team member she can create, run and halt attacks, templates, schedules and has the ability to access team API management. Ana can also read team users.

gremlin rbac edit team member roles

We could alter Ana’s role and elevate her permissions by making her a Team Manager. This would give her team user, client, integration and secret management. She would be able to add users to her company, read all users, read team users, add and remove users from her team, manage team user permissions and manage team credentials.

gremlin rbac elevate perms

Step 3 - Use the Gremlin API to manage RBAC users, roles and permissions

In this step, you’ll explore how the Gremlin API can be used to automate the management of your RBAC for users, roles and permissions.

The Gremlin API docs are available to you within the Gremlin API here: https://app.gremlin.com/api.

You will find RBAC functionality under users, organizations (teams) and reports.security. The Security API is only possible to access by specific roles.

Conclusion

You've learned how RBAC (Roles-based access control) is a way to restrict access to certain functionality of your Chaos Engineering software. RBAC enables you to ensure every Chaos Engineering practitioner at your company has the correct level of permissions for running attacks, managing users and teams, as well as configuring account settings. You can also create automated reports that you audit to ensure users and roles are consistently correct and meet your expectations.

No items found.
Gremlin's automated reliability platform empowers you to find and fix availability risks before they impact your users. Start finding hidden risks in your systems with a free 30 day trial.
start your trial

Avoid downtime. Use Gremlin to turn failure into resilience.

Gremlin empowers you to proactively root out failure before it causes downtime. See how you can harness chaos to build resilient systems by requesting a demo of Gremlin.

Product Hero ImageShape