Honeycomb uses a tiered system of access control to provide granular access to its endpoints.
Honeycomb’s mission is to empower engineering teams to debug production systems. Many defaults are chosen to enable and support the ambient broadcasting and sharing of knowledge.
Our permissions philosophy centers around minimizing behaviors that may be destructive or disruptive to fellow team members’ query activity.
| Owner | Member | |
|---|---|---|
| Promote other team owners | ✔ | |
| Make team SSO-only | ✔ | |
| Upgrade and adjust pricing | ✔ | |
| Invite new users / accept join requests | ✔ | |
| Create new teams | ✔ | ✔ |
| Create, edit, and disable API keys | ✔ | |
| Redact API Keys* | ✔ | ✔ |
| View redacted API Keys | ✔ | |
| View non-redacted API Keys | ✔ | ✔ |
Environments can only be created by a team owner.
| Owner | Member | |
|---|---|---|
| Create environment | ✔ | |
| Edit environment display For example, environment descriptions. |
✔ | ✔ |
Datasets may be queried on by any member of the team and query history is visible to all members of the team.
| Owner | Member | |
|---|---|---|
| Run queries | ✔ | ✔ |
| Annotate queries | ✔ | ✔ |
| Delete a dataset | ✔ | |
| Edit dataset ingest settings for example, nested JSON |
✔ | |
| Edit dataset schema settings for example, column types, column max lengths |
✔ | ✔ |
| Edit dataset display for example, column descriptions, dataset descriptions, aliases |
✔ | ✔ |
Boards can be created by anybody and default to being public. Any public boards will be accessible and editable by the members of your team.
Boards may be marked as “Limited [access]” and will be visible only by the creator and any team owners. The board creator may take the board public at any time. Other members will not be able to add or edit queries to a limited access board unless explicitly added as a collaborator by the creator.
| Owner | Member | |
|---|---|---|
| Create public boards | ✔ | ✔ |
| View public boards | ✔ | ✔ |
| Create limited access boards | ✔ | ✔ |
| Make limited access boards public | ✔ | ✔ |
| Add collaborators to a limited access board | ✔ | ✔ |
| Add queries and metadata to boards | ✔ | ✔ |
| Edit queries and metadata on boards | ✔ | ✔ |
| View anybody’s limited access board | ✔ | |
| Delete public boards | ✔ | ✔ |
| Delete anybody’s limited access board | ✔ |
Triggers are creatable, editable, and viewable by all members in a team. Clear attribution on triggers communicate which team member created or last edited a particular trigger.
| Owner | Member | |
|---|---|---|
| Create triggers | ✔ | ✔ |
| View triggers | ✔ | ✔ |
| Edit/delete triggers | ✔ | ✔ |
Derived columns may be created on a Dataset or an Environment by any member of the team. As with boards, derived columns may only be deleted by the creator or a team owner.
Read more about Derived Columns.
| Owner | Member | |
|---|---|---|
| Create derived columns | ✔ | ✔ |
| Edit derived columns | ✔ | ✔ |
| Delete own derived column | ✔ | ✔ |
| Delete any derived column | ✔ |
