Roles and permissions

Honeycomb’s mission is to empower engineering teams to debug production systems. Many defaults are chosen to enable and support the ambient broadcasting and sharing of knowledge.

Our permissions philosophy centers around minimizing behaviors that may be destructive or disruptive to fellow team members' query activity.

Types of roles in Honeycomb 🔗

Team Owners control billing and destructive actions for the team. Owners are also able to override member privacy settings.
Team Members (the default role for everyone) are able to view all public resources, add metadata, and make non-destructive configuration changes at the dataset level.

Team Membership and Billing 🔗

	Owner	Member
Promote / demote other team owners	✔
Make team SSO-only	✔
Upgrade and adjust pricing	✔
Invite new users / accept join requests	✔
Create new teams	✔	✔
Create, edit, and disable API keys	✔
Redact API Keys*	✔	✔
View redacted API Keys	✔
View non-redacted API Keys	✔	✔

* Redacting API keys is not available to our Teams that are using Secure Tenancy

Datasets 🔗

Datasets may be queried on by any member of the team and query history is visible to all members of the team.

	Owner	Member
Run queries	✔	✔
Annotate queries	✔	✔
Delete a dataset	✔
Edit dataset ingest settings e.g. nested JSON, etc.	✔
Edit dataset schema settings e.g. column types, column max lengths, etc.	✔	✔
Edit dataset display e.g. column descriptions, dataset descriptions, aliases, etc.	✔	✔

Boards 🔗

Boards can be created by anybody and default to being public. Any public boards will be accessible and editable by the members of your team.

Boards may be marked as “Limited [access]” and will be visible only by the creator and any team owners. The board creator may take the board public at any time. Other members will not be able to add or edit queries to a limited access board unless explicitly added as a collaborator by the creator.

	Owner	Member
Create public boards	✔	✔
View public boards	✔	✔
Create limited access boards	✔	✔
Make limited access boards public	✔	✔
Add collaborators to a limited access board	✔	✔
Add queries and metadata to boards	✔	✔
Edit queries and metadata on boards	✔	✔
View anybody’s limited access board	✔
Delete public boards	✔	✔
Delete anybody’s limited access board	✔

Triggers 🔗

Triggers are creatable, editable, and viewable by all members in a team. Clear attribution on triggers communicate which team member created or last edited a particular trigger.

	Owner	Member
Create triggers	✔	✔
View triggers	✔	✔
Edit/delete triggers	✔	✔

Derived Columns 🔗

Derived columns may be created on a dataset by any member of the team. As with boards, derived columns may only be deleted by the creator or a team owner.

	Owner	Member
Create derived columns	✔	✔
Delete own derived column	✔	✔
Delete anybody’s derived column	✔

Honeycomb.io Docs