Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: hybrid cloud updates #243

Merged
merged 2 commits into from
Jun 26, 2024
Merged

feat: hybrid cloud updates #243

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
463e432
chore: update hc images
markphelps Jun 25, 2024
50154d3
feat: document rbac
markphelps Jun 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 46 additions & 0 deletions cloud/features/rbac.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
---
title: Role Based Access Control
description: Learn about the role-based access control options available with Flipt Hybrid Cloud
mode: "wide"
---

Role-based access control allows you to define custom roles and permissions for your team members.

![Roles](/images/cloud/features/roles.png)

You can create roles with specific permissions, such as read-only access to feature flags or the ability to create new flags. This gives you fine-grained control over who can do what in Flipt Hybrid Cloud and your Flipt instances.

## Built-in Roles

Flipt Hybrid Cloud comes with several built-in roles that you can assign to your team members:

- **Admin**: Full access to all resources and settings
- **Editor**: Can create and update most resources, but cannot delete them. Cannot access organization settings.
- **Viewer**: Read-only access to most resources, cannot create or update them. Cannot access organization settings.

![Built-In Roles](/images/cloud/features/roles-built-in.png)

Built-in roles cannot be modified or deleted, but you can create custom roles with specific permissions to meet your organization's needs.

## Custom Roles

You can create custom roles with any permissions you need. For example, you can create a role that allows users to create and update feature flags and segments, but not delete them.

![Custom Roles](/images/cloud/features/roles-custom.png)

## Assigning Roles

You can assign roles to team members after you invite them to your organization from the [user management](/cloud/features/user-management) page.

<Note>
By default, all team members are assigned the `Viewer` role when they are
invited to your organization.
</Note>

![Assign Roles](/images/cloud/features/roles-assign.png)

## Role Scope

Roles are global across your organization, so a team member's role applies to all environments and instances in your organization.

When your team members route to a Flipt instance through Flipt Hybrid Cloud, their permissions are enforced based on the role assigned to them in the organization.
6 changes: 1 addition & 5 deletions cloud/features/user-management.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,10 @@ Flipt Hybrid Cloud makes it easy to manage your team members and their permissio

![User Management](/images/cloud/features/team.png)

With features like [role-based access control\*](#role-based-access-control), you can ensure that team members have the right level of access to the features they need, while keeping sensitive data secure.
With features like [role-based access control](/cloud/features/rbac), you can ensure that team members have the right level of access to the features they need, while keeping sensitive data secure.

![Invite Users](/images/cloud/features/invite.png)

## Just in Time User Provisioning

With our [SSO](/cloud/features/authentication##single-sign-on) and Directory Sync features, you can automatically provision users in Flipt Hybrid Cloud when they log in for the first time. This makes it easy to manage access and permissions for your team members, without having to manually invite or create users.

## Role-Based Access Control

**Coming soon!** Role-based access control will allow you to define custom roles and permissions for your team members. You can create roles with specific permissions, such as read-only access to feature flags or the ability to create new flags. This gives you fine-grained control over who can do what in Flipt Hybrid Cloud and your Flipt instances.
26 changes: 6 additions & 20 deletions cloud/guides/getting-started.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,16 +33,6 @@
To quickly get started with Flipt Hybrid Cloud, follow these steps:

<Steps>
<Step title="Authenticate with CLI">
Authenticate with the Flipt CLI using the following command:

```bash
flipt cloud login
```

This command will open a browser on your local machine and allow you to authenticate with your Flipt Hybrid Cloud account.

</Step>
<Step title="Connect Your Local Instance">
Connect your local Flipt instance to Flipt Hybrid Cloud using the following command:

Expand All @@ -52,22 +42,18 @@

This command will register your local Flipt instance temporarily with Flipt Hybrid Cloud. This allows you to test the integration without affecting your production environments.

After following the prompts in the CLI, you should see a success message indicating that your local instance is connected to Flipt Hybrid Cloud along with a unique address for your local instance.
![Cloud Login](/images/cloud/guides/getting-started/login.png)

Behind the scenes, Flipt Hybrid Cloud will create a secure tunnel to your local instance via what we call a gateway, allowing you to access it from anywhere in the world.

</Step>
<Step title="Login to Hybrid Cloud">
Next, log in to the Flipt Hybrid Cloud web interface using the unique address provided in the previous step. You can access the web interface by navigating to the provided address in your browser.

![Cloud Login](/images/cloud/guides/getting-started/login.png)
It will prompt you to log in to your Flipt Hybrid Cloud account and then create a secure tunnel to your local instance via what we call a gateway, allowing you to access it from anywhere in the world.

</Step>
<Step title="View Your Environments">

Once you are logged in, you will see the Flipt Hybrid Cloud dashboard. Click on the "Dashboard" tab in the sidebar to view your environments.
Once you are logged in and your instance is connected, head back to Flipt Hybrid Cloud in your browser. Click on the "Dashboard" tab in the sidebar to view your environments.

Check warning on line 52 in cloud/guides/getting-started.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'Click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'Click'", "location": {"path": "cloud/guides/getting-started.mdx", "range": {"start": {"line": 52, "column": 105}}}, "severity": "WARNING"}

You should see your new temporary address listed here under `Development Environments`.

You should see your new temporary address listed here under `Development Environments`. Click on the entry name to view more details and manage it's settings.
Click on the entry name to view more details and manage it's settings.

Check warning on line 56 in cloud/guides/getting-started.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'Click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'Click'", "location": {"path": "cloud/guides/getting-started.mdx", "range": {"start": {"line": 56, "column": 1}}}, "severity": "WARNING"}

![Cloud Dashboard](/images/cloud/guides/getting-started/dashboard.png)

Expand Down
62 changes: 17 additions & 45 deletions cloud/guides/production.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,52 +39,23 @@
</Step>
<Step title="Create a New Environment">

Once you are logged in, you will see the Flipt Hybrid Cloud dashboard. Click on the `Create Environment` to create a new environment.
Once you are logged in, you will see the Flipt Hybrid Cloud dashboard. Click on one of our suggested environments named either `Staging` or `Production`, or click on `Or something else` to create a custom environment.

Check warning on line 42 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.FutureTense] Possible future tense.

Raw Output:
{"message": "[Openly.FutureTense] Possible future tense.", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 42, "column": 29}}}, "severity": "WARNING"}

Check warning on line 42 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'Click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'Click'", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 42, "column": 72}}}, "severity": "WARNING"}

Check warning on line 42 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Microsoft.We] Try to avoid using first-person plural like 'our'.

Raw Output:
{"message": "[Microsoft.We] Try to avoid using first-person plural like 'our'.", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 42, "column": 88}}}, "severity": "WARNING"}

Check warning on line 42 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'click'", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 42, "column": 158}}}, "severity": "WARNING"}

![Cloud Dashboard](/images/cloud/guides/production/dashboard.png)

</Step>
<Step title="Name Your Environment">

Give your environment a name and description to help you identify it later. Click `Next` to continue.
Give your environment a name and description to help you identify it later.

Check warning on line 49 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.Clarity] Consider using 'assist' instead of 'help'

Raw Output:
{"message": "[Openly.Clarity] Consider using 'assist' instead of 'help'", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 49, "column": 49}}}, "severity": "WARNING"}

![Name Environment](/images/cloud/guides/production/environment-form.png)

</Step>
<Step title="View Environment">

After you've created your environment, go back to the dashboard and you should it in the list.

![Environment Dashboard](/images/cloud/guides/production/environments.png)

Next, click on the environment name to view more details.

Here you can view it's settings and manage your environment.

![Environment Details](/images/cloud/guides/production/environment-details.png)

</Step>
<Step title="Create an Environment API Key">

In order authenticate your running Flipt instance with your new environment in Flipt Hybrid Cloud, you'll need to create an API token.

Click on the `Configuration` tab in the environment details page and then click on the `Environment API Key` button.

![Environment API Key](/images/cloud/guides/production/environment-api-key.png)

Copy the API key and save it for later.

<Warning>
The API key is a secret token that allows your Flipt instances to authenticate with your environment in Flipt Hybrid Cloud. Keep it secure and do not share it with anyone.

If you lose your API key, you can always generate a new one by following the same steps.

</Warning>

</Step>
<Step title="Download Configuration">

Next, click on the `Download Configuration` button to download the configuration file for your instance.
Next, click on the `Download` button to download the configuration file for your instance.

Check warning on line 56 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'click'", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 56, "column": 7}}}, "severity": "WARNING"}

![Download Configuration](/images/cloud/guides/production/download-configuration.png)

This configuration file contains the required settings for your instance to connect to your environment in Flipt Hybrid Cloud.

Expand Down Expand Up @@ -125,21 +96,21 @@

</Step>

<Step title="Refresh Environment Details">

After you've started your Flipt instance, go back to the Flipt Hybrid Cloud dashboard and refresh the page.
<Step title="Connection Successful">

You should see that your environment is now connected and showing one active connection.
After you've started your Flipt instance, go back to the Flipt Hybrid Cloud and you should see a successful connection message.

![Environment Details](/images/cloud/guides/production/environment-connected.png)
![Environment Connected](/images/cloud/guides/production/environment-connected.png)

</Step>

<Step title="Route to Your Instance">

Click on the URL to route to your instance. The address will look something like `https://{environment}-{organization}.flipt.cloud`.
Click on the `All done!` button to be taken back to the Flipt Hybrid Cloud dashboard.

Check warning on line 109 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'Click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'Click'", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 109, "column": 1}}}, "severity": "WARNING"}

![Dashboard Connected](/images/cloud/guides/production/dashboard-connected.png)

This will route to your local Flipt instance in your browser.
Click on the URL in the `Host` column to route to your instance.

Check warning on line 113 in cloud/guides/production.mdx

View workflow job for this annotation

GitHub Actions / Vale 

[vale] reported by reviewdog 🐶
[Openly.A11Y] Consider using ''select'' instead of 'Click'

Raw Output:
{"message": "[Openly.A11Y] Consider using ''select'' instead of 'Click'", "location": {"path": "cloud/guides/production.mdx", "range": {"start": {"line": 113, "column": 1}}}, "severity": "WARNING"}

![Flipt](/images/cloud/guides/production/flipt.png)

Expand Down Expand Up @@ -172,13 +143,14 @@
Unlike in the [Getting Started](/cloud/guides/getting-started) guide, the address provided in the Flipt Hybrid Cloud dashboard is a permanent route to your instance. You can access your instance through this address at any time and it will not expire.

<Note>
The connection is valid as long as your API Key stays the same. If you need to
regenerate your API Key, you can generate a new one by following the same
steps.
The connection is valid as long as your API Key stays the same.

If you need to regenerate your API Key, you can generate a new one by clicking on the environment in the Flipt Hybrid Cloud dashboard and clicking on the `Configuration` tab.

</Note>

## What's Next?

Now that you have successfully connected your permanent instance to Flipt Hybrid Cloud, you can start creating feature flags and managing your feature flag configurations.

You can now learn more about the advanced features and capabilities available to you such as [Single Sign-On](/cloud/features/authentication) and [Audit Logs](/cloud/features/audit-logs).
You can now learn more about the advanced features and capabilities available to you such as [Single Sign-On](/cloud/features/authentication), [Role-Based Access Control](/cloud/features/rbac), and [Audit Logs](/cloud/features/audit-logs).
Binary file modified images/cloud/features/invite.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/cloud/features/roles-assign.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/cloud/features/roles-built-in.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/cloud/features/roles-custom.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/cloud/features/roles.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified images/cloud/features/team.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified images/cloud/guides/getting-started/dashboard.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/cloud/guides/production/dashboard-connected.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified images/cloud/guides/production/dashboard.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/cloud/guides/production/download-configuration.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file removed images/cloud/guides/production/environment-api-key.png
View file
Open in desktop
Binary file not shown.
Binary file modified images/cloud/guides/production/environment-connected.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file removed images/cloud/guides/production/environment-details.png
View file
Open in desktop
Binary file not shown.
Binary file modified images/cloud/guides/production/environment-form.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file removed images/cloud/guides/production/environments.png
View file
Open in desktop
Binary file not shown.
1 change: 1 addition & 0 deletions mint.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,7 @@
"pages": [
"cloud/features/authentication",
"cloud/features/user-management",
"cloud/features/rbac",
"cloud/features/audit-logs"
]
}
Expand Down
Loading