📅  Join ProsperOps at FinOps X in San Diego! Learn More & RSVP »

logo
All blog posts
Product

Introducing Custom Roles for Autonomous Discount Management

Originally Published July, 2024 · Last Updated August, 2024

By:

Joe Benincasa

Director of Product Management

Introducing Custom Roles for Autonomous Discount Management

Custom roles enable separate ProsperOps Console permissions for each AWS Organization and Google Cloud Billing Account, giving FinOps teams more granular access to capabilities and information without sacrificing privacy and security. 

Owner, Editor, and Viewer Roles

Until now, users in the ProsperOps Console could only be granted either Owner, Editor, or Viewer roles across all configured cloud billing entities (e.g. AWS Organizations, Google Cloud Billing Accounts). 

  • Owners have full access to the ProsperOps Console, including the abilities to view and manage users and billing. 
  • Editors cannot manage users or billing but can add new cloud billing entities, configure cloud provider access, and view console dashboards. 
  • Viewers do not have any access to user management or billing but have read-only access to the rest of the console. 

Larger, more complex enterprises and multi-cloud customers (who have more than one AWS Organization and/or Google Cloud billing account) often have separate teams responsible for each cloud billing entity. For these customers, configuring least privilege access in the ProsperOps Console was challenging as Owner, Editor, and Viewer roles granted access to all configured cloud billing entities.

Custom Roles

Custom roles address this problem by allowing ProsperOps Console users to specify different permissions for each AWS Organization and Google Cloud Billing Account. This improves security and removes friction for customers adding more cloud billing entities for ProsperOps automated management.

Custom roles allow either Editor or Viewer permissions to be individually granted to AWS Organizations and Google Cloud Billing Accounts. For example, a ProsperOps Console user might have Editor rights for one cloud billing entity and Viewer rights for another. Or a user might have Viewer rights for one cloud billing entity only and no permissions for anything else. All users with an Owner role have the ability to configure Custom roles.

Note: Custom roles are not available for customers who have configured OIDC/SAML identity federation with the ProsperOps Console.

introducing-blog

Creating a User with a Custom role that specifies Editor rights for an AWS Organization and Viewer rights for a Google Cloud Billing Account.

Get Started 

Custom roles are available today in the User Management section of the ProsperOps Console for all new and existing customers at no additional charge. 

Learn more about Custom roles by exploring our docs or speaking with your ProsperOps FinOps expert.

Prosper On! 🖖

Joe Benincasa, Principal Product Manager

Get Started for Free

Sign Up

Latest from our blog

Introducing ProsperOps Scheduler
Product

Introducing ProsperOps Scheduler

Read More
How to Use Azure Cost Analysis for Better Cloud Cost Management
Azure

Azure Hybrid Benefit Explained: What It Is and How It Works

Read More
Google Cloud SQL Pricing and Cost Optimization
Google Cloud

Google Cloud SQL: Pricing and Cost Optimization

Read More

Request a Free Savings Analysis

3 out of 4 customers see at least a 50% increase in savings.

Get a deeper understanding of your current cloud spend and savings, and find out how much more you can save with ProsperOps!

  • Visualize your savings potential
  • Benchmark performance vs. peers
  • 10-minute setup, no strings attached

Submit the form to request your free cloud savings analysis.

prosperbot