Detailed Guide to Defining R&R

This guide explains how to determine and define roles and responsibilities in your organization and in Umbrella Cost.

Understand Your Organization's Structure and Needs
  • Analyze Business Processes: Understand how departments and teams operate, including workflows and dependencies.
  • Identify Sensitive Data and Systems: Pinpoint critical systems and sensitive data that require restricted access.
  • Categorize Users: Classify users by their functional roles (e.g., FinOps, DevOps, Business) and location (e.g., remote, onsite).
Define Clear and Granular Roles
  • Role-Based Access Control (RBAC): Create roles based on job functions, such as "FinOps Manager" and "DevOps Engineer".
  • Hierarchy and Inheritance: Use a hierarchy where broader roles inherit permissions from more specific ones when appropriate.
Plan Least Privilege Roles
  • Limit Access to Necessity: Assign users the minimum permissions and data access necessary for their roles.
  • Avoid Broad Privileges: Avoid granting superuser or administrator rights unless required. (One super admin is provided by default.)
  • Use Cost Center hierarchy: Create the relevant cost center org structure. Link cost centers to roles so that future changes are easier to accommodate.
Emergency and Temporary Access
  • Temporary Access: Provide protocols for time-limited access for project-specific needs or contractors.
  • Custom Roles: Allow for customizable roles when standard ones don't fit specific needs. Use such roles sparingly, and allow easy monitoring of the permissions you provide in your organization.
  • Emergency Access: Define protocols for granting elevated permissions in critical situations.
User Lifecycle Management
  • Onboarding: Establish workflows for granting access to new hires based on predefined roles.
  • Transfers and Role Changes: Adjust access promptly when users change roles or departments: switch their roles and cost centers accordingly.
  • Offboarding: Revoke access immediately (Disable user) when employees leave the organization.

Creating a role - Example Diagram

flowchart TD
 X0@{ shape: stadium, label: "Creating the Roles<br>in your organization" }
 A0@{ shape: subproc, label: "Configure Access<br> to the Data" }
 A3@{ shape: procs, label: "Split the sub accounts<br>To Cost Centers or Roles"}
 B1@{ shape: diamond, label: "Using<br> Cost Centers?" }
 B2(Assign Accounts Directly to Roles)
 C(Roles Are ready for assignment)
 A1(Assign Accounts to Cost Centers)
 A2(Assign Cost Centers to Roles)
 D@{ shape: stadium, label: "Users" }
 X0 --> A0
 X0 --> I0
 A0 --> A3
 A3 --> B1
 B1 -- Yes --> A1
 B1 -- No --> B2
 B2 --> C
 A1 ---> A2
 A2 --> C
 C -- Assign Role to users --> D
 
 I0@{ shape: subproc, label: "Configure Permissions" }
 I0 --> K(Use Built-in Roles to create your Custom Roles)
 K --> C
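
The role model in the diagram above, as an added Python example (not Umbrella Cost code or its API): accounts reach a role either through cost centers or directly, and a user's effective access is computed from enabled status and unexpired grants. The class names, function names, account IDs and dates are all constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

@dataclass
class Role:
    name: str
    cost_centers: set = field(default_factory=set)     # "Using Cost Centers? Yes" path
    direct_accounts: set = field(default_factory=set)  # "No" path

@dataclass
class Grant:
    role: Role
    expires: Optional[datetime] = None  # None = standing; set for temporary or emergency access

@dataclass
class User:
    name: str
    enabled: bool = True                # offboarding sets this to False
    grants: list = field(default_factory=list)

def effective_accounts(user, cost_centers, now):
    """Sub accounts the user can reach at `now` through unexpired grants."""
    if not user.enabled:
        return set()
    accounts = set()
    for grant in user.grants:
        if grant.expires is not None and grant.expires <= now:
            continue  # time-limited grant has lapsed
        accounts |= grant.role.direct_accounts
        for cc in grant.role.cost_centers:
            accounts |= cost_centers.get(cc, set())
    return accounts

def excess_access(user, needed, cost_centers, now):
    """Least-privilege check: accounts reachable but not needed for the job."""
    return effective_accounts(user, cost_centers, now) - set(needed)

# Constructed sample data (hypothetical accounts, cost centers and users)
NOW = datetime(2025, 1, 15, tzinfo=timezone.utc)
COST_CENTERS = {"platform": {"acct-dev", "acct-prod"}, "finance": {"acct-billing"}}
DEVOPS = Role("DevOps Engineer", cost_centers={"platform"})
FINOPS = Role("FinOps Manager", cost_centers={"platform", "finance"})
alice = User("alice", grants=[Grant(DEVOPS)])
contractor = User("contractor", grants=[Grant(FINOPS, expires=NOW + timedelta(days=7))])

if __name__ == "__main__":
    print(sorted(effective_accounts(alice, COST_CENTERS, NOW)))
    print(sorted(excess_access(alice, {"acct-dev"}, COST_CENTERS, NOW)))
    print(sorted(effective_accounts(contractor, COST_CENTERS, NOW + timedelta(days=8))))
```

Because roles reference cost centers rather than accounts, adding an account to a cost center changes every linked role's reach without editing the role itself.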