Cost Analysis With Role-Based Access Control

Role-Based Access Control for Business Contexts

Role-Based Access Control (RBAC) is designed to provide precise control over who can access specific cost data within an organization. This system ensures that team members only see the information relevant to their roles, enhancing both security and efficiency.

Key Benefits of RBAC in Showback

1. Controlled Access: By implementing RBAC, you can restrict access to sensitive cost information, ensuring that members only see the data pertinent to their responsibilities. Team members benefit from quick access to the precise information they need without navigating through irrelevant data.

2. Enhanced Security: Limiting access reduces the risk of unauthorized data exposure, helping to maintain a higher security standard.

3. Efficient User Management: With RBAC, managing user permissions is streamlined. Roles are defined based on job functions, and users are assigned to these roles, automatically granting them the necessary permissions.

4. Improved Accountability: With role-specific access, team members can take ownership of their cloud usage and costs, promoting a culture of accountability and cost awareness.

How RBAC works: Flexible and granular access control

Roles define the data access permissions possessed by each user. Admins can modify and assign specific access through default or custom roles. RBAC policy is flexible and aligns object-level permissions in a similar manner to AWS Identity and Access Management (IAM). 

Using RBAC, you can control access to the following policies:

Term	Definition
Showback Values	This policy grants users access to specific Showback values based on their roles. It ensures that users can view only the cost data pertinent to their responsibilities, promoting both security and relevance in the data they access.
Cost Analysis Page Default View	This policy controls the default view settings on the Cost Analysis page. It ensures that users see a tailored, role-specific view of cost data when they access this page, streamlining their ability to analyze and manage cloud costs efficiently.

Get Started with RBAC: Summary

To start using the Role-Based Access Control (RBAC) feature for Showback, follow these basic steps (described in more detail with screenshots below). 

1. Navigate to the Feature:

   • Go to nOps.

2. Access Cost Allocation:

   • Navigate to Business Context → Cost Allocation.

3. Choose the Showback:

   • Select the specific Showback you want to manage.

4. Modify Access Control:

   • Go to the detail page of the selected Showback.

   • Select the Showback values you want to include in the policy.

   • Click on Modify Access Control.

5. Create the Policy:

   • In the popup that appears, enter a Policy Name.

   • Select the checkbox if you want to grant access to the default view.

   • Select the members who should have access to these Showback values.

   • Save the policy to finalize it.

6. Manage Policies:

   • You can see the list of all policies on this page: Team Members - Policies.

Get Started with RBAC: A Complete Guide

Navigate to the Cost Allocation in Business Contexts Plus

• Go to nOps.

• Navigate to Business Context → Cost Allocation.

  

Select the Showback

• Choose the specific Showback you want to manage (e.g., "Cost Center").

• Go to the detail page of the selected Showback.

  

Modify Access Control

• Select the Showback values you want to include in the policy (e.g., 101, 102, 103).

• Click Modify Access Control.

  

Create and Configure the Policy

• In the popup that appears, enter a Policy Name.

• Select the checkbox to grant access to the default view.

• Choose the members to receive access.

• Save the policy to finalize it.

  

Viewing Policies

• You can view and manage all policies on this page: Team Members - Policies.

  

Use Cases & Examples

Let’s go through some real-world examples to illustrate how RBAC in Business Contexts Plus works.

Scenario 1: Member’s Access Without Default View and Only One Showback Access

Cost Allocation:

• When the member logs in and navigates to the Cost Allocation section, they will see only the Showback values (101, 102, 103) specified in their policy.

  

Cost Analysis

• Since the member does not have access to a default view, they will only see the Showback view without the default view option.

  

Scenario 2: Member’s Access Without Default View and Multiple Showback Access

Cost Analysis:

• Without default view access, the member will see a dropdown to change the Showback view, but they will not have the default view option available.

  

Scenario 3: Member’s Access With Default View

Cost Analysis:

• With default view access, the member will see the default view on the Cost Analysis page and will have the option to switch from the default view to the Showback view.

  

Scenario 4: Member Without Any Showback Access

Cost Allocation:

• The member will have no access to the Cost Allocation section.

  

Cost Analysis:

• The member will not be able to access the Cost Analysis page.

  

note

When creating a policy, if the user selects the “Select All” option (meaning all Showback values), any new custom Showback values added to that Showback after the policy is created will also be included in the policy. This ensures that the policy remains up-to-date with any changes or additions to the Showback values.

For instance, if you initially select all existing Showback values and later add new values to the Showback, these new values will automatically be covered by the policy, eliminating the need for manual updates.