Node Permissions

Last update: Download PDF Edit

1 Introduction

Fine-grained access management for your Mendix Cloud environments is handled in the Node Permissions tab of the Security page for your app. See App Settings.

Here, the Technical Contact can manage various permissions to the environments for each team member.

Each team member can subscribe to, or unsubscribe from, the alerts,

See Company & App Roles to learn more about the roles of app team members.

2 Node Permissions

Node permissions allow you to give specific access to your nodes to individual members of a team.

To access the node settings, click Security and open the Node Permissions tab.

2.1 User Roles for Managing Permissions

Only users with the Technical Contact role can manage the permission settings for the cloud node.

The permissions are set independently for each environment. You can choose the environment at the top of the Node Permissions tab. Changing the permissions for a production environment will require two-factor authentication (see Two-Factor Authentication).

Only App Team members who have permission to Deploy, Publish, and Monitor can view the node permissions.

2.2 Node Permissions

The Technical Contact can set the following node permissions.

2.2.1 Transport Rights

With Transport Rights you can deploy new versions of the application to the node. You can also create new deployment packages, stop and start the environment, and change configuration settings such as constants and scheduled events.

For more information about deployment, see Mendix Cloud.

2.2.2 Access to Backups

The Access to Backups permission grants access to the backups of the environment. You can view, create, download, and restore backups.

For more information, see Backups.

2.2.3 Receive Alerts

When Receives Alerts is checked, this user will receive an email when an alert is triggered.

Alerts are triggered by any of the following circumstances:

  • the app goes offline unexpectedly
  • the application logs a message with level Critical
  • the health check fails
  • one of a number of infrastructure problems occurs

2.2.4 API Rights

With API rights, you can use the Deploy API to get programmatic access to the environment.

As the API does not require two-factor authentication, it is disabled for the production environment by default. The Technical Contact can assign API access for each user.

2.2.5 Access to Monitoring

With the Access to Monitoring permission, you can view the application metrics, logs, and alerts under the Operate category in the Developer Portal. This allows you to successfully operate your Mendix Cloud environments.

For more information, see Metrics, Logs, and Alerts.

3 Technical Contact

A cloud node has a single Technical Contact. They manage the cloud node and can edit the privileges of regular team members.

The Technical Contact can give the technical contact role to another team member. Click Change to Technical Contact under the user who should be the new Technical Contact. After this, the new user has the Technical Contact role, the old user does not.

For full details of the role of the Technical Contact, see Technical Contact.