SQL Clone 4

Teams

Page last updated 16 July 2019

Overview

Version 4 of SQL Clone introduced teams, an optional feature which gives you more granular control over permissions. Using teams you can restrict access to certain resources such as images and instances, giving some teams access to certain resources and other teams access to other resources. For example, you can give DBAs access to instances in higher level environments in order to make images from production backups, without giving developers the same access.

Teams can contain users, images and instances. Administrators can place SQL Clone users into teams as well as any images or instances. When a user is added to a team they will get access to the images and instances in that team. Team access is additive; adding a user to a new team will never reduce their access to anything. Administrators are unaffected by teams - they will always have access to everything.

If a user is not granted access to an image,

  • they won't be able to see the image at all in the UI or via PowerShell, so they won't be able to interact with it,
  • they won't be able to make clones of that image,
  • they won't be able to see clones of that image.

If a user is not granted access to an instance,

  • they won't be able to see the instance in the UI or via PowerShell, so they won't be able to interact with it,
  • they won't be able to use it as an image source or temporary instance,
  • they won't be able to use it as a clone destination instance,
  • they won't be able to see any clones on that instance.

When creating an image, a user can select which of their teams to place their image into.

Creating and managing teams

The teams feature starts disabled. To enable it, go to the Permissions page within Settings, and go to the Teams tab. When you first enable teams, only administrators will have access to Clone until you place your users into teams.

Click 'Create your first team'. You can name teams anything you like. Once you have created the team, click on its team card to add users, images, and instances to it.

You can either select specific users, images, and instances to be part of this team, or you can click the 'All users', 'All images', or 'All instances' checkboxes to include all such resources in this team instead of selecting them one by one. If you select these checkboxes, they will always include all of these resources, and you won't need to add new items manually. You can uncheck them at any time to go back to selecting specific resources for that team.

You can delete teams at any time. This won't delete their users, images, or instances, and it won't increase any user's access.

You can also disable the teams feature as whole at any time. Disabling the feature will remove any restrictions that teams were imposing - all users will be able to access all resources. Any role-based permissions you have created in the users tab will still apply.

Didn't find what you were looking for?

Product Articles

Tips and how-to guides for Redgate products

University

Easy to follow video courses

Community Forums

Ask, discuss, and solve questions about Redgate's tools

Events & Friends

Meet us at an event, get sponsored, and join our Friends of Redgate

Simple Talk

In-depth articles and opinion from Redgate's technical journal