Users in Lenses have different abilities depending on the access level they have in a particular group. Users may belong to multiple groups. In this guide you'll see how to create groups and authorize user access.
In Lenses, a permission allows a user to view a type of information or perform an action to a specific resource.
Group is a collection of permission defines the level of access for users belong to it. You can define multiple groups based on your License to define roles or projects.
By default Lenses does not provide any group. You need to define them. There is a default admin user to login for the first time. Group permissions are cumulative. That means that the higher permission takes priority.
Learn more about the permission types and the detailed permission matrix
To be able to view, create or modify Groups you need to be authorized with the User Management permission.
Access management permission matrix
To create a new Group, navigate to the Admin and select Groups and New Group. For every Group you have to set the data namespaces for Kafka or other available connections to data sources.
Name your Group and add data namespaces to view data to a source. By default, Kafka is available. Namespace is a collection of expressions based on the dataset name. You can add multiple expressions in the same entry and also have multiple namespace entries.
While creating a User or Service Account you can select one or multiple Groups.
If mutliple groups are selected, permissions work inclusive:
User assigned to group A and group B will have permissions for both customer_details and frauds_detection topics.
You can clone an existing Group. This will copy the permissions of the original group but not the Users or Service Accounts belonging to this Group.
You can Edit. Clone or Delete a Group by navigating to the Group details and select the actions menu at the right top of the page.
Lenses supports 3rd party identity providers for authentication. Based on the provider, you can configure your service by following the configuration instructions during your setup.
Groups are also supported by the CLI to enable automation scenarios.
CLI - API
On this page