-
Notifications
You must be signed in to change notification settings - Fork 392
Teams
The CloudBeaver provides a team management feature, allowing administrators to create and manage teams. This feature is integral for organizing users into groups and controlling their access to various databases.
To create a new team, follow these steps:
- Navigate to the Settings -> Administration -> Users and Teams -> Teams.
- Click on the + Add button.
- Fill in the necessary details in the provided fields.
Field Name | Description | Additional Info |
---|---|---|
Team ID | A unique identifier for the team. | |
Team Name | The name of the team. | |
Description | A brief description of the team and its purpose. | |
Permissions | Specifies the level of access the team has. | Admin Full Access checkbox provides complete access to CloudBeaver configuration. |
Parameters | Additional parameters based on the authentication provider. | Read more about Integration with Identity Providers. |
Note:
- The Parameters section is available in Enterprise, AWS and Team editions only and becomes accessible when configuring certain authentication providers.
- In CloudBeaver Team Edition, Permissions are set through assigned Roles.
CloudBeaver includes two predefined Team types:
Types | Description |
---|---|
admin |
Members of this Team have full administrative privileges within CloudBeaver. |
user |
This Team is for regular users. Administrators assign access to databases (in Team Edition, access to projects) to this team. |
Tip: Administrators can configure the predefined types in the Server Settings. For more information, see Initial data configuration.
You have the ability to integrate Teams with various identity providers. This integration allows for the utilization of roles and groups defined by your identity provider to manage Team memberships automatically.
- When creating or editing a Team, navigate to the Parameters section.
- Here, depending on your identity provider, you can associate the Team with a specific identity attribute:
Provider | Attribute | Related articles |
---|---|---|
AWS | AWS Role ARN |
AWS OpenID, AWS OpenID via Okta |
SAML | SAML Group ID |
SAML configuration |
Microsoft Entra ID | Microsoft Entra ID Group ID |
Microsoft Entra ID |
Okta OpenID | OKTA Group ID |
Okta OpenID |
Once the integration is set up, whenever a user authenticated by the configured identity provider logs into CloudBeaver, the application will check for matching identity attributes. If there is a match with any of the defined parameters within CloudBeaver's Teams, the user will be automatically assigned to the appropriate Team.
For the changes to take effect, especially in cases where group memberships are updated:
- Users may need to log off and log back in through the Single Sign-On (SSO).
- Alternatively, users can wait for the session to timeout.
These actions ensure that the updated claims from the identity provider are received by CloudBeaver, thereby refreshing the Team memberships.
In the Users tab, you can manage Team memberships:
- To add a user to the Team, click Edit, select the desired users, and then click Add.
- To remove a user from the Team, select the user and click Delete.
Tip: One user can be a member of a multiple Teams.
In the Connections tab, you can manage which connections are available to the Team:
- To add connections to the Team, click Edit, choose the desired connections, and then click Add.
- To remove connections from the Team, select the connection and click Delete.
Note: In Team Edition, teams are granted access to projects, not directly to connections.
- Application overview
- Demo Server
- Administration
- Server configuration
- Create Connection
- Connection Templates Management
- Access Management
-
Authentication methods
- Local Access Authentication
- Anonymous Access Configuration
- Reverse proxy header authentication
- LDAP
- Single Sign On
- SAML
- OpenID
- AWS OpenID
- AWS SAML
- AWS IAM
- AWS OpenId via Okta
- Snowflake SSO
- Okta OpenId
- Cognito OpenId
- JWT authentication
- Kerberos authentication
- NTLM
- Microsoft Entra ID authentication
- Google authentication
- User credentials storage
- Cloud Explorer
- Cloud storage
- Query Manager
- Drivers Management
- Supported databases
- Accessibility
- Keyboard shortcuts
- Features
- Server configuration
- CloudBeaver and Nginx
- Domain manager
- Configuring HTTPS for Jetty server
- Product configuration parameters
- Command line parameters
- Local Preferences
- API
-
CloudBeaver Community
-
CloudBeaver AWS
-
CloudBeaver Enterprise
-
Deployment options
-
Development