Logo

Features

Nobl9 TechDocs: Features

Back to Nobl9 Documentation

Features

RBAC

Nobl9 supports Role-Based Access Control (RBAC) to enable granular user permissions and access to resources in the Nobl9 platform.

There are two levels of permissions (1) the Organization level and (2) the Project level:

Projects in the Nobl9 Platform

Projects are the primary logical grouping of resources in the Nobl9 platform. They are intended for use in Organizations where many users are spread across multiple teams and/or departments. Projects group and organize all resources between various users in the Nobl9 platform. This way, they divide and share resources between multiple teams and/or departments.

A Project can group all resources, including:

Important notes:

Projects cannot be nested inside one another, but Data Sources or Alert Methods can be shared across many Projects. Resources cannot be moved between different projects. If you create a resource in a wrong Project, you have to delete it first, then go to the correct Project, and create a resource directly in it. For more details, check the Managing Shared Resources section below.

Caution: If you are using sloctl version is older than 0.0.56, you will not be able to use the kind: Project.

Add a Project

  1. Go to Catalog > Projects.
  2. Click the plus icon.
  3. In the ‘Project Creation’ wizard, enter the following information:
    • Display Name (optional field).
    • Name (mandatory field).
    • Description (optional field).
  4. Click the ‘Create Project’ button at the bottom right corner.

💡 Note: When you create a Project, you are automatically assigned to it as a Project Owner.

Roles in the Nobl9 Platform

Organization Admin

Organization Admins have full read and write access to all areas in the Nobl9 platform. They are responsible for setting up SSO and user management. Organization Admins can:

💡 Note: Org Admins can only edit the Annotations that they own.

Organization User

By default, anyone who signs into the Nobl9 platform is an Organization User. Organization Users can be granted access to one or more Projects. They can be assigned to an Owner, Editor, Viewer or Integrations User role within a Project. Organization User can:

💡 Note: Organization Users can only see the contents of a Project if they were granted access to this project by the Organization Admin or the Project Owner.

Organization Viewer

The Organization Viewer can access all resources and UI in the Nobl9 platform in a read-only mode. Organization Viewers can:

💡 Note: Organization Viewers cannot edit any resources in the Nobl9 platform.

Project Owner

The Project Owner has read- and write- access to their Project(s). Project Owners can:

💡 Note: Project Owners can only edit the Annotations that they own.

Project Editor

The Project Editor is the primary user of the Noble9 platform. Project Editors can:

Project Viewer

The Project Viewer is the primary consumer of data in the Noble9 platform. Project Viewers can:

💡 Note: Project Viewer cannot create, edit or delete resources.

Project Integrations User

The Project Integrations User can use a Data Source or an Alert Method from a given project without the possibility to create, edit or delete this Project’s resources. Integrations Users can:

💡 Note: For example, if a user is an Editor in Project A and an Integrations User in Project B, it means that they can use Data Sources and Alert Methods from Project B in Project A. However, they cannot edit any resources in Project B.

Roles Summary

Organization Level

  Organization Admin Organization User Organization Viewer
View all resources Yes Depends on project access granted to this user Yes
Add, remove, and suspend users Yes No No
Assign and remove user roles (on an organization and project level) Yes No No
Create projects and resources Yes Projects only No
View dashboard Yes No Yes
View resource usage summary report Yes No Yes
Create/Edit/Delete Annotations Yes No No
View Annotations Yes Yes Yes
Create access keys1 Yes Yes Yes

1 All Nobl9 users can create Access Keys.

Project Level

  Project Owner Project Editor Project Viewer Project Integrations User
Add existing users to the project Yes No No No
Create/edit SLOs Yes Yes No No
Create/edit services Yes Yes No No
Create/edit alert policies Yes Yes No No
Add/Use integrations Yes Yes No Can use but cannot create integrations
View reports Yes Yes Yes Yes
View SLO details Yes Yes Yes Yes
Create/Edit/Delete Annotations Yes Yes No No
View Annotations Yes Yes Yes No
View dashboard Yes Yes Yes Yes
Create access keys Yes Yes Yes Yes

Adding Users & Assigning Roles to the Users

Roles in the Nobl9 platform can be managed on the Organization and Project levels. To access the user management UI, navigate to Settings > Users.

Organization roles can only be assigned and changed by Organization Admins. Organization Admins can also invite new users to their organization, delete them or suspend their accounts.

Project roles can be assigned either by Organization Admins or by the Owners of a given Project.

💡 Note: Project Owners cannot invite new users, delete or suspend user accounts.

Adding a User

  1. Go to Settings > Users.
  2. Click the Click the plus icon.
  3. In the ‘Create User’ wizard, enter the following information:
    • First Name.
    • Last Name.
    • Email address.
    • Organization Role.
  4. Click the ‘Create User’ button at the bottom right corner.

💡 Note: An invitation to join Nobl9 will be automatically sent to the user, and their role will be applied once they log in. The status of the invited user is automatically set to ‘Pending.’ It will be changed to ‘Active’ after the user accepts the invitation. Organization Admin can resend the invitations to users that are on the ‘Pending’ status.

Deleting a User

  1. Go to Settings > Users.
  2. In the user list, hover over the user you want to remove.
  3. Click the Trash icon at the right end of the given row:

  4. Click the ‘Delete’ button in the pop-up window to confirm.

💡 Note: Deleted users will be permanently removed from the organization. Their Access Keys will be permanently removed. They will not be able to log in to the Nobl9 platform via the UI and access Nobl9 through the sloctl tool.

Suspending a User

  1. Go to Settings > Users.
  2. Find the user in the user list.
  3. Click the down-pointing arrow to display the drop-down menu in the’ Status’ column.
  4. In the drop-down menu, select the ‘Suspended’ status.
  5. Click the ‘Deactivate’ button in the pop-up window.

💡 Note: Suspended users will not be removed from the database, but they will not be able to access the Nobl9 platform via the UI or the sloctl application. Access Keys that belong to a suspended user will be temporarily deactivated.

Admins can reactivate users by navigating to the Settings > Users and changing the user’s status to ‘Active.’

Changing Organization Role

  1. Go to Settings > Users.
  2. In the Users’ List, find the user you wish to update.
  3. In the ‘Organization Role’ column, click the down-pointing arrow to display the drop-down menu.
  4. In the drop-down menu, select the Organization Role for the user by clicking it.

Assigning a User to a Project

  1. Go to Settings > Users.
  2. In the user list, find the user you wish to update. Hover over the user and click the icon on the right-hand side of the user list.

    💭 Tip: If the user has access to multiple Projects, click the down-pointing arrow next to the user name to display the list.

  3. In the dialog box in the ‘Projects’ column, select or enter a Project that you want to assign to the user.

  4. In the ‘Access Permissions’ column, click the down-pointing arrow to select access permission that you want to assign to the user.

💡 Note: Organization Admins and Project Owners can manage Project-level permissions.

Caution: A user cannot be assigned to a Project without any role. If an Organization Admin or a Project Owner selects a Project without choosing the user’s role in this project, this change will not be saved.

Removing Projects and Project Permissions

  1. Go to Settings > Users.
  2. Find the user that you wish to update in the user list. Hover over the user.
  3. Click the Trash icon can in the ‘Project’ column for that user.
  4. In the pop-up window, click ‘Delete’ to confirm.

💭 Tip: To remove a Project role from a user, you must unassign this user from the project.

Catalog Grouping in the UI

Users can manage and review their projects in the Catalog menu in the main navigation pane. The Catalog view allows users to edit and delete resources that belong to a given project directly from the Project Details tab.

To access the Project Details panel:

  1. Click Catalog in the left navigation pane.
  2. In the Projects tab, choose the Project on the list.
  3. Hover over the relevant Project and click it.

The Project Details tab allows users to review and edit Services, SLOs, Data Sources, Alert Policies, Alert Methods, and users that belong to the specific Project. Using the Project Details tab, users can directly access all resources, edit them through the UI wizards or delete them:

User Roles and the Visibility of Resources

Project permissions affect what data is visible and what actions are available to the users within a Project in their Catalog > Projects tab:

User Roles and the Settings Tab

Project permissions also restrict the content that is visible to the users in the Settings > Users tab:

User Roles and Access to Resources

Project permissions affect what resources can be accessed by the users, for example:

💡 Note: The same limitations apply to sloctl. The Role Bindings that are visible depend on the role that is assigned to the user.

Access Keys

Nobl9 enables command-line access through the sloctl tool. You can use Sloctl and share access with other users through an Access Key.

Creating an Access Key

  1. Go to Settings > Access Keys.
  2. Click the ‘Show Access Keys’ button at the bottom.
  3. Click the ‘Create Access Key’ button at the bottom.
  4. A pop-up window will appear. You can add a description of your key or find relevant information associated with your Access Key such as: ‘Client ID,’ ‘Client Secret,’ ‘Organization’ and ‘Command Prompt’.

    💭 Tip: Secret is displayed only once. Save it for future use.

  5. Click the ‘OK’ button to finish the configuration. The system will generate your Access Key automatically.

💡 Note: A single user can have 2 keys in an organization. The User is only allowed to view and manage their Access Keys.

Disabling an Access Key

  1. Go to Settings > Access Keys to display the list of your Access Keys.
  2. Click the ‘Disable’ button next to the Access Key that you wish to disable.

You can reactivate your Access Key by going to Settings > Access Keys and clicking the ‘Enable’ icon next to the Access Key that you wish to reactivate.

💡 Note: A disabled Access Key is not removed from Nobl9’s database. Users will not be able to use disabled Access Keys to access Nobl9 via the sloctl tool. Disabled Access Keys will be included in the maximum quota of 2 Access Keys per user in an organization.

Deleting an Access Key

  1. Go to Settings > Access Keys to display the list of your Access Keys.
  2. Click the ‘Delete’ button next to the Access key that you wish to delete.
  3. In the pop-up window, click the ‘Delete’ button.

💡 Note: The Client’s secret is displayed only once: save it for your future use.

Managing Shared Resources

Data Sources and Alert Methods are global resources in Nobl9. They can be used across Projects but a User must have the following roles assigned:

Integrations Users can only use Data Sources and Alert Methods, they cannot edit or delete these integrations. They also cannot add, edit or delete any other resources in projects they are assigned to with this role.

The Integrations User role gives Project Owners control over the usage of their Data Sources and Alert Methods. Project Owners have to explicitly agree that users who do not belong to their projects can use their integrations.

Alternatively, you can share Data Sources and Alert Methods across the entire organization. To share them:

Service Health Dashboard

Service Health Dashboard (or Dashboard) provides a high-level overview of the reliability of your organization’s services. The Dashboard targets product managers or executives who do not require a granular view of each SLO and instead are looking for a holistic view of reliability within their organization. Engineers or SREs can also use it to see a snapshot of the current state of their environment and drill down for more information.

The Dashboard gives an aggregated view of the overall organizational health. It shows which Services are at risk or have burned through their error budget. All Services are grouped by Projects in the Dashboard.

Using Dashboard users can check:

Monitoring Health of Services

The Dashboard displays services in terms of their health, following the below coloring pattern and naming logic:

Service X Remaining error budget
SLO A 84%
SLO B 45%
SLO C 9%
SLO D 19%
SLO E 95%
Service Y Remaining error budget
SLO A 84%
SLO B -55%
SLO C 9%
SLO D 19%
SLO E 95%

💡 Note: Each Service is evaluated based on the current time window. This way, the Dashboard gives a high-level view of all Services in the user’s organization, even if the error budgets for each SLO are calculated differently (e.g., based on time slices or occurrences).

Changing the View Mode

Users can adjust how the Services are displayed on the Dashboard and choose the view mode that suits your needs best. To change the display mode:

  1. Go to the ‘View’ drop-down list at the top pane of your Dashboard.
  2. Click the drop-down list.
  3. Choose between the available view options:

Accessing Service Details

The Dashboard enables a more detailed view as well. Clicking a specific Service on the Dashboard shows a summary of the SLOs with their remaining budgets. To access Service details:

  1. Go to the Dashboard in the main navigation pane.
  2. Click the relevant Service.
  3. A pop-up window will appear, showing a summary of the SLOs with the remaining error budget.

💡 Note: You can see the details of the specific SLOs by clicking on the relevant SLO icon:

Filtering Dashboard

Users can filter the data displayed on the Service Health Dashboard to see only those services that are available, at risk, or exhausted. To apply filters, hover over the filter icon at the top of the screen and choose the relevant category.

💡 Note: Filters can be combined.

Sorting Dashboard

The Dashboard also allows users to sort the display. This feature affects how the Projects are ordered on the Dashboard. By default, Projects are sorted by State. This display mode follows the below assumptions (from the left-hand side to the right-hand side of the UI):

For example:

The same rules apply to how the individual Services are ordered in a Project (from top to bottom):

For example:

This way, users can quickly identify these Projects and Services that require immediate attention.

Projects can also be sorted alphabetically:

This display mode affects only the order of projects on the Dashboard. It does not affect the logic of displaying Services in a Project. This way, users can readily see on the left-hand side of the page those Services that are Exhausted or At risk.

Changing the Sorting Mode

To change the sorting mode:

  1. Click the ‘Sort by’ drop-down menu on the top right corner of the Dashboard.
  2. Choose and click one of the following options:
    • Projects A-Z: sorts the Dashboard view by Project names in ascending order.
    • Projects Z-A: sorts the Dashboard view by Project names in descending order.
    • State: sorts the Dashboard view by the state of Services in each Project. Projects with the highest number of exhausted Services or Services at risk of burning their error budget are displayed first.

Searching a Project

If you are searching for a specific project, click the ‘Search’ box in the top-right corner of the Dashboard and enter the name of the Project. The screen will update once you enter the Project name.

Labels in Nobl9

This guide presents an overview of labels in the Nobl9 platform and explains how to create and manage labels through the Nobl9 UI and sloctl.

Labels are key-value pairs that can be attached to SLOs, Services, and Alert Policies in the Nobl9 platform. Labels allow users to define attributes of resources and use them to filter and group SLOs across Services in the SLO Grid view and Reports. Each label must be unique for a given SLO, but many SLOs can carry the same label.

Labels can be attached to SLOs when creating or editing a Service in the SLO Wizard. Users can select existing pre-defined labels or add new ones that are specific to their organization.

Requirements for Labels

Most Common Use Cases of Labels

The following are the most common use cases for labels in the Nobl9 platform:

Adding Labels to a New SLO

  1. Go to Service Level Objectives in the main navigation pane.
  2. Click the plus button.
  3. In the SLO wizard > Add name, Alert policy and Labels click on Labels:
  4. Select a label from the dropdown menu, or
  5. Click the ‘Save SLO’ button.

Adding Label(s) to an Existing SLO

  1. Go to Service Level Objectives in the main navigation pane.
  2. On the relevant SLO, click the pencil button to edit.
  3. In the SLO wizard > Add name, Alert policy, and Labels click the ‘Labels’:
    • Select a Label from the dropdown menu, or
    • Create a new Label by entering its name and clicking on the plus button.
  4. Click the ‘Save SLO’ button.

Adding Label(s) to an Existing Service

  1. Go to Catalog > Services.
  2. Choose a relevant service from the Services list.
  3. Click the Pencil button.
  4. Click the ‘Labels’ field and:
    • Choose a label that will be attached to your Service or
    • Create a new Label by entering its name and clicking on the plus button.

💡 Note: You can choose up to 20 labels that will be attached to your Service. Click the ‘Save Service’ button.

Removing Label(s) from a Service

  1. Go to Catalog > Services.
  2. Choose a relevant service from the Services list.
  3. In the ‘Labels’ column, click on the next to the Label that you wish to remove:

Adding Labels to an Alert Policy

  1. You can add labels to your Alert Policies:
  2. Go to Alerts.
  3. Click the plus button.
  4. In the Alert Policy wizard > Add Alert Policy name, Severity, and Labels click the ‘Labels’:
    • Select a Label from the dropdown menu, or
    • Create a new Label by entering its name and clicking on the plus button.
  5. Click the ‘Create Alert Policy’ button.

Adding Label(s) to an Existing Alert Policy

  1. Go to Alerts in the main navigation pane.
  2. Choose a relevant Alert Policy from the list.
  3. Click the pencil button.
  4. In the Add Alert Policy name, Severity, and LabelsClick the ‘Labels’ field and:
    • Choose a label that will be attached to your Alert Policy or
    • Create a new Label by entering its name and clicking on the plus button.

💡 Note: You can choose up to 20 labels that will be attached to your Alert Policy. Click the ‘Save Alert Policy button.

Filtering by Labels - Overview

Nobl9 allows you to filter by multiple labels:

For example:

SLO Label 1 Label 2
SLO A has the labels geo: eu team: green
SLO B has the labels geo: apac team: green
SLO C has the labels geo: eu team: red
SLO D has the labels geo: apac team: red

Filtering SLOs by Labels in the UI

Labels allow you to easily filter through the SLOs. To filter your SLOs:

  1. Go to Service Level Objectives in the main navigation pane.
  2. Click the arrow button in the SLO search box on the left-hand side of the screen. Enter the relevant Project.
  3. In the Labels field select the relevant labels that you want to filter through.
  4. The results will be displayed on the grid view.

💡 Note: You can share the results of your filtering directly with anyone from your team by copying the deep link from your browser address bar.

💭 Tip: You can easily review the applied filters by hovering over the filter icon. To remove any of the filters, click the ‘x’ icon next to the relevant filter. Once you remove a filter, the change is applied in the link as well.

Filtering Reports by Labels in the UI

Nobl9 allows you to filter your reports by labels. To do that:

  1. Go to Reports in the main navigation pane. Enter Project, Service, and Service Level Objective in the relevant fields.
  2. Click the Labels field and:
    • Choose a label that will be attached to your Service or
    • Create a new Label by entering its name and clicking on the plus button.
  3. Click the ‘Apply’ button.
  4. You will be able to see your filtered report result on the grid view.

💡 Note: You can share the results of your report filtering directly with anyone from your team by copying the deep link from your browser address bar.

Retrieve Labelled Resources in sloctl

Retrieving SLO or Service config also returns all the labels that are set on the objects and allows filtering them.

There are two versions of syntax accepted by sloctl while filtering by labels:

Assumptions for label commands in sloctl:

Apply YAML for Labels for SLOs and Services

apiVersion: n9/v1alpha
kind: Service
metadata:
  name: webapp-service
  displayName: WebApp Service
  project: default
  labels:
    key:
      - value
    team:
      - green
      - orange
    noble:
spec:
  description: Web Application Service

Data Exports

Nobl9 TechDocs: Data Exports

Reference the Data Exports for more in-depth documentation about how to use the Nobl9 with other platforms.

Overall Schema

This section explains how Nobl9 configuration is represented in the sloctl API, and how you can express them in .yaml format.

apiVersion: n9/v1alpha
kind: AlertPolicy🡕 | SLO🡕 | Service🡕 | Agent🡕 |
      DataExport | Direct🡕 | Integration🡕
metadata:
  name: string
  displayName: string   # optional
  project: string   # optional
spec:

Notes

Please, note that names should be unique within a project. It is not possible to have two objects of same kind with exactly the same name in a given project.

DataExport

The DataExport defines the configuration to export your data from Nobl9.

💡 Note: DataExport is a premium feature. Please contact your Nobl9 sales representative to enable the DataExport feature.

apiVersion: n9/v1alpha
kind: DataExport
metadata:
  name: string
  displayName: string # optional
  project: string
spec:
  exportType: S3 | Snowflake | GCS
  spec:
    bucketName: string # Required name of s3 bucket or gcs bucket.
    # Required for S3 and Snowflake export types.
    # This is the Amazon Resource Name (ARN) of the role
    # that the Nobl9 is assuming to upload files.
    roleArn: string
apiVersion: n9/v1alpha
kind: DataExport
metadata:
  name: s3-data-export
  displayName: S3 data export
  project: default
spec:
  exportType: S3
  spec:
    bucketName: examplebucket
    roleArn: arn:aws:iam::123456789:role/example