Manage Organizations and Access

  • Capella Operational
  • concept
    +
    All clusters in Couchbase Capella are grouped into organizations and projects. You can add projects to organizations to group related clusters together. Use organization roles and project roles to control your users' access.
    In the v4 Management API, clusters are called clusters.

    About the Capella Hierarchy

    Couchbase Capella uses an organizational hierarchy to help you keep all of your data organized and securely accessible. At the top of the hierarchy is an organization. Everything you do in Capella, from creating a cluster to managing billing, happens inside the scope of an organization.

    All projects exist inside an organization. Use projects to group and manage clusters inside Capella. For example, you could use projects to create separate environments for production and development or group your clusters by application:

    svg

    About Organizations

    Add users to an organization by sending them invitations. Users can create a new Capella account when they receive an invitation to an organization. Users can join organizations with an existing Capella account.

    When you create a new Capella account without an invitation to an existing organization, Capella automatically creates a new organization for you, named My Organization.

    All users in an organization are assigned 1 or more organization roles. Use organization roles to control user access and privileges inside an organization for the Capella UI. Organization roles set whether a user can create a new project, invite new users, or view billing information in the UI.

    For example, if a user has the Organization Member role, they cannot manage API keys or view billing information in the Capella UI.

    For more information about the available organization roles in Capella, see Organization Roles.

    About Projects

    Create projects inside an organization to organize clusters and control user access to clusters.

    Add a user to a project as a collaborator to set project roles and control their privileges for clusters inside that project. Project roles can set whether a user can read and write data on clusters, only read data, or only configure and delete clusters.

    For example, if a user only has the Project manager project role, they cannot use the Data Tools tab to access and modify data for clusters in that project.

    If that same user had the Cluster Data Reader/Writer project role in the same project, they could use the Data Tools tab to access and modify data on clusters in that project.

    For more information about the available project roles in Capella, see Project Roles.

    Programmatic and Application Access

    Control programmatic and application-level access to data on your clusters with database access credentials. You can choose specific buckets and scopes for your cluster access credentials to limit access to data.

    Create cluster access credentials for each cluster in a project. You can only create cluster access credentials if you have the Project Owner role for that cluster’s project.