CloudBeaver Documentation

DOWNLOAD pdf

Teams

Overview

The CloudBeaver provides a team management feature, allowing administrators to create and manage teams. This feature is integral for organizing users into groups and controlling their access to various databases.

Team creation

To create a new team, follow these steps:

  1. Navigate to the Settings -> Administration -> Users and Teams -> Teams.
  2. Click on the + Add button.
  3. Fill in the necessary details in the provided fields.

Field Name Description Additional Info
Team ID A unique identifier for the team.
Team Name The name of the team.
Description A brief description of the team and its purpose.
Permissions Specifies the level of access the team has. Admin Full Access checkbox provides complete access to CloudBeaver configuration.
Parameters Additional parameters based on the authentication provider. Read more about Integration with Identity Providers.

Note:

Predefined Team types

CloudBeaver includes two predefined Team types:

Types Description
admin Members of this Team have full administrative privileges within CloudBeaver.
user This Team is for regular users. Administrators assign access to databases (in Team Edition, access to projects) to this team.

Tip: Administrators can configure the predefined types in the Server Settings. For more information, see Initial data configuration.

Integration with Identity Providers

You have the ability to integrate Teams with various identity providers. This integration allows for the utilization of roles and groups defined by your identity provider to manage Team memberships automatically.

Configuration steps

  1. When creating or editing a Team, navigate to the Parameters section.
  2. Here, depending on your identity provider, you can associate the Team with a specific identity attribute:
Provider Attribute Related articles
AWS AWS Role ARN AWS OpenID, AWS OpenID via Okta
SAML SAML Group ID SAML configuration
Microsoft Entra ID Microsoft Entra ID Group ID Microsoft Entra ID
Okta OpenID OKTA Group ID Okta OpenID

Automatic membership management

Once the integration is set up, whenever a user authenticated by the configured identity provider logs into CloudBeaver, the application will check for matching identity attributes. If there is a match with any of the defined parameters within CloudBeaver's Teams, the user will be automatically assigned to the appropriate Team.

Updating Team memberships

For the changes to take effect, especially in cases where group memberships are updated:

  • Users may need to log off and log back in through the Single Sign-On (SSO).
  • Alternatively, users can wait for the session to timeout.

These actions ensure that the updated claims from the identity provider are received by CloudBeaver, thereby refreshing the Team memberships.

User management

In the Users tab, you can manage Team memberships:

  • To add a user to the Team, click Edit, select the desired users, and then click Add.
  • To remove a user from the Team, select the user and click Delete.

Tip: One user can be a member of a multiple Teams.

Connection management

In the Connections tab, you can manage which connections are available to the Team:

  • To add connections to the Team, click Edit, choose the desired connections, and then click Add.
  • To remove connections from the Team, select the connection and click Delete.

Note: In Team Edition, teams are granted access to projects, not directly to connections.