Summary
We are requesting the introduction of a Read-Only Admin role (or "Auditor" role) within the Glean administrative console. This role would allow designated users to view configurations, data source statuses, and analytics without the ability to modify settings, delete data sources, or change user permissions.
Problem / Justification
Currently, Glean administrative roles often require full "write" access to view critical backend information. This creates several challenges for enterprise organizations:
- Security & Compliance: Many organizations follow the principle of least privilege. Currently, to allow a security auditor or a department lead to verify setup or view usage analytics, we must grant them full administrative rights, which introduces unnecessary risk.
- Accidental Misconfiguration: Users who only need to monitor the health of data sources or check connector statuses may accidentally change a setting or disconnect a source if they have full edit access.
- Operational Visibility: Departmental stakeholders often need to see "what" is indexed and the "status" of those indices to support their teams, but they do not (and should not) have the technical responsibility to manage the underlying infrastructure.
Proposed Solution
Introduce a new system role, Read-Only Admin, that can be assigned to users in the Admin Console.
Key Characteristics:
- View-Only Access: Ability to browse all tabs in the Admin Console (Data Sources, Search Customization, Insights, User Management).
- Disabled Actions: All "Save," "Delete," "Edit," and "Invite" buttons should be greyed out or hidden for users with this role.
- Dashboard Access: Full access to Glean Insights/Analytics to monitor adoption and usage without the ability to change global workspace settings.
Benefits
- Enhanced Security: Limits the number of users with "Write" access, reducing the attack surface and the risk of internal configuration errors.
- Streamlined Auditing: Simplifies the process for compliance teams to audit data source configurations and security settings.
- Scalable Governance: Allows larger organizations to delegate visibility to departmental "champions" without handing over the keys to the entire search infrastructure.
Relevant Context
As our Glean footprint grows, the need to separate configuration from observation becomes critical. Providing a way to grant visibility without authority will help us maintain a stronger security posture while still enabling data-driven decision-making across our various teams.
Thank you.