Role-Based Access Control (RBAC) + Fine-Grained API Keys

We are excited to announce the release of two new features that will enhance the security and and resource protection capabilities of Zuplo: Role-Based Access Control (RBAC) and Fine-Grained API Keys. These features are available as a paid-addon to customers on enterprise plans. Contact your account manager or sales@zuplo.com to inquire about pricing.

Role-Based Access Control (RBAC)#

Role-Based Access Control allows you to assign specific roles to users who access the Zuplo Portal. These roles determine the permissions that users have and the actions they can perform. For example, you can assign roles such as "Admin", "Developer", or "Viewer", each with different levels of access to resources and functionality.

With RBAC, you can:

• Assign roles to users based on their responsibilities and access requirements.
• Limit access to production resources to only select users.
• Enable more users access to the Zuplo Portal, such as API Analytics, without compromising security.

See the Account Members & Roles documentation for more information.

Fine-Grained API Keys#

Developers can use Zuplo's CLI and API to automate tasks with the Zuplo platform. For example, you can create a custom CI/CD process to publish your Zuplo API or automate the management of environment variables. Previously, each account had only a single API key, which granted full access to all resources and functionality. With Fine-Grained API Keys, you can create multiple API keys with limited permissions.

These new capabilities allow:

• Create API keys with specific permissions for specific tasks, environments, or projects.
• Set expiration dates on API Keys to ensure that they are only valid for a limited time.
• Administrators can view and manage all API keys in the Zuplo portal to maintain security of their resources.

See the Zuplo API Key documentation for more information.