Node Permissions

Last update: Edit

1 Introduction

Fine-grained access management for your Mendix Cloud environments is handled in the Node Permissions tab of the Security page for your app. See App Settings.

Here, the Technical Contact can manage various permissions to the environments for each team member.

Each team member can subscribe to, or unsubscribe from, the alerts,

See App Roles to learn more about the roles of team members.

2 Viewing Your Nodes

To find a list of all the Mendix Cloud nodes to which you have access, click the Switch-to menu in the Developer Portal and choose Cloud.

Licensed Mendix Cloud nodes

You will see a list of all your nodes:

Licensed Mendix Cloud nodes

Clicking Environments will take you to the Environments page for the app that is deployed to this node.

3 Node Permissions

Node permissions allow you to give specific access to your nodes to individual members of a team.

3.1 User Roles for Managing Permissions

Only users with the Technical Contact role can manage the permission settings for the cloud node.

The permissions are set independently for each environment. You can choose the environment at the top of the Node Permissions tab. Changing the permissions for a production environment will require two-factor authentication (see Two-Factor Authentication).

Only team members who have permission to Deploy, Publish, and Monitor can view the node permissions.

3.3 Accessing Node Permissions

To access the node permissions, do the following:

  1. Click Security for your app.

  2. Open the Node Permissions tab.

  1. Select the environment for which you want to change permissions from the drop-down.

  2. Complete two-factor authentication, if required for the selected environment.

3.3 Node Permissions

The Technical Contact can set the following node permissions.

3.3.1 Transport Rights

With Transport Rights you can deploy new versions of the application to the node. You can also create new deployment packages, stop and start the environment, and change configuration settings such as constants and scheduled events.

For more information about deployment, see Mendix Cloud.

3.3.2 Access to Backups

The Access to Backups permission grants access to the backups of the environment. You can view, create, download, and restore backups.

For more information, see Backups.

3.3.3 Receive Alerts

When Receives Alerts is checked, this user will receive an email when an alert is triggered.

Alerts are triggered by any of the following circumstances:

  • the app goes offline unexpectedly
  • the application logs a message with level Critical
  • the health check fails
  • one of a number of infrastructure problems occurs

3.3.4 API Rights

With API rights, you can use the Deploy API to get programmatic access to the environment.

As the API does not require two-factor authentication, it is disabled for the production environment by default. The Technical Contact can assign API access for each user.

3.3.5 Access to Monitoring

With the Access to Monitoring permission, you can view the application metrics, logs, and alerts in the Developer Portal. This allows you to successfully operate your Mendix Cloud environments.

For more information, see Metrics, Logs, and Alerts.

4 Downloading Node Permissions

You may want to have a complete list of node permissions for audit purposes. The Technical Contact can download a list of permissions as a CSV by clicking the Download to CSV button.

The CSV will contain a list of environments, users, and their respective permissions.

5 Technical Contact

A cloud node has a single Technical Contact. They manage the cloud node and can edit the privileges of regular team members.

The Technical Contact can give the technical contact role to another team member. Click Change to Technical Contact under the user who should be the new Technical Contact. After this, the new user has the Technical Contact role, the old user does not.

For full details of the role of the Technical Contact, see Technical Contact.