Application Access Management

Lens AppIQ allows you to fine tune the users that should have access to an application. This can be done via our Dashboard and via our CLI.

Dashboard

You can use the dashboard to oversee application access for various teams in order to specify which teams have operational capabilities on the application.

There are two pages from where we can manage the application access. The application details page and the teams page.

Application Details Page

To navigate to the applications detail's page simply click on the application you wish to modify from the applications table or click on its View action.

Once you've been redirected to the details page, locate the CONFIGURE button on the upper right side of the screen. Click on the button and then click on the TEAM ACCESS option.

Now all that is left to do is to select all the teams that should have access to the application. All the users belonging to any of those teams will have access granted.

Teams Page

Now we will take a look at how we can grant application access to a team from the team details. There are two places where we can manage the application access: the teams table, and the applications table within the team details page.

Granting Access - Teams Table

To navigate to the teams page and locate the team you want to grant application access to. Simply click on the Actions column and then click Grant.

Next you will see a list of all the applications that are available. They are listed by cluster, namespace, and the name of the application.

Here you can select the applications that the team should have access to. Any checkbox that is disabled is an indication that the team already has access to that application.

Simply click the Grant button and you're done! The team will have access to all the applications that were selected.

Granting Access - Teams Detail

To navigate to the team details page click on the team name or on the View option from the Actions column.

Now navigate to the Applications where you will see all the applications that the team has access to.
By clicking on the Grant Access we see the same application list mentioned above.

Simply select the applications that the team should have access to and you're finished!

Revoking Access - Teams Detail

In order to remove a team's access to an application from the teams page, you will need to navigate to that team's details page and then click on the Applications tab.

Locate the application that the team should no longer have access to and click on the Revoke Access option from the Actions column.

A popup will appear asking you to confirm the action. Click on the Yes! button and the team will have its access to the application revoked.

CLI

You can also use the CLI to oversee application access for your teams by either granting or revoking the access.

Granting Application Access To A Team

Operators can use the app grant command to allow a team to access a specific application. A user needs to be a member of a team with access to the application to allow another team to access it.

lapps app grant <teamname> [-a/--app appname]

Flags:

FlagDescription
-a, --appapplication name

Revoking Application Access From A Team

Operators can use the app revoke command to revoke a team’s permission to access an application. Access to the application is first required to revoke access from a team.

lapps app revoke <teamname> [-a/--app appname]

Note: An application cannot be orphaned. It must always have at least one authorized team.

Flags:

FlagDescription
-a, --appapplication name