Admin/Instance Management¶
Users with the admin role have additional controls available in their top right user menu for managing the DATAMIMIC instance. These controls provide comprehensive management capabilities for users, projects, logs, and more across the entire system, rather than being limited to individual projects.
On-premise installation
An initial admin user is being created on deployment of a new DATAMIMIC instance. Additional users can be promoted to the admin role from System Users. New users will always be created with the default user role and do not have admin privileges.
Controls and Actions¶
The admin role provides access to the following additional functions via the User Menu from the Navigation Bar:
- System Configuration: Manage all configurations in the system.
- System API: View API documentation and manage API access.
- System Users: Manage all users in the system, including password resets and creating new users.
- System Tasks: View and manage all tasks across the system.
- System Projects: Manage all projects, including adding users to projects.
- System Task Cleanup: Perform cleanup operations on tasks to maintain system performance.
- System Jobs: Manage all recurring jobs in the system.
System Configuration¶
The System Configuration section provides an overview of all settings running in the system used only by administrator level.
Signup¶
The signup configuration feature allows administrators to control user self-signup behavior and set the default role assigned to new users upon creation. This provides flexibility in managing how users access the DATAMIMIC system and what permissions they receive by default.
Key Features¶
-
Disallow Self Users Signup: This option allows administrators to control whether users can sign up independently. When enabled, self-signup is disabled, meaning new users can only be created by an administrator.
-
When Disallow Self Users Signup is checked, the sign-up form will no longer be accessible, and all account creation must go through administrative actions.
-
When the option is unchecked, users can register themselves via the standard sign-up process.
-
Initial Role Assignment: The admin can define the role that is automatically assigned to new users upon signup. This allows for predefined permissions to be granted to new users based on their assigned role.
-
If the Initial Role is set to a specific role (e.g.,
DATAMIMIC_USER), users will be granted that role immediately upon signup. - If the Initial Role is set to None, new users will be created in an inactive state, meaning they cannot access the system until an administrator assigns them a role and activates their account.
Example Usage¶
This feature is accessible from the System Configuration page, under the Signup section. Admins can toggle the self-signup option and define the initial role for new users from this page.
The signup configuration settings include:
- Disallow self users signup: A checkbox that controls whether users can sign up on their own.
- Initial Role: A dropdown where admins can select the default role for new users, including the option to set the role to None, which places new users in an inactive state until manually activated by an admin.
Example Configuration¶
Imagine a scenario where you want to allow self-signup but ensure that new users are created with limited access. You could configure the Initial Role to DATAMIMIC_USER, providing users with basic access while preventing them from accessing sensitive areas.
Alternatively, if you want to control every user’s access manually, you can enable Disallow Self Users Signup and set the Initial Role to None. This way, no one can sign up on their own, and even if they are added to the system by an admin, they will remain inactive until explicitly assigned a role and activated.
Administrative Signup Process¶
When Disallow Self Users Signup is enabled, admins are responsible for creating new users via the System Users section. From there, administrators can create accounts, assign roles, and activate users directly.
Admins will have the ability to:
- Assign roles such as
DATAMIMIC_USER,DATAMIMIC_ADMIN, etc. - Control activation and deactivation of users manually.
This setup is ideal for more controlled environments where user access needs to be tightly managed.
Best Practices for Signup Management¶
- Security Consideration: If your system contains sensitive or critical data, it is recommended to disable self-signup and require admin approval for new users. This ensures that only authorized individuals gain access to the system.
- Initial Role Customization: Use the Initial Role feature to manage user permissions effectively. Setting the role to None ensures that new users do not accidentally gain access to unauthorized parts of the system.
System Users¶
The System Users section provides functionality to manage all users within the DATAMIMIC system. Admins can:
- Reset passwords for users.
- Create new user accounts.
- Update user details and roles.
System Projects¶
The System Projects section allows admins to manage all projects across the system. Admins can:
- Add users to projects.
- Monitor and manage project details.
- Perform project-specific actions, similar to those available within individual project settings.
Note
Admins can add users to projects from the System Projects section. However all users can also add additional users for collaboration to their own projects.
System Tasks¶
The System Tasks section provides an overview of all tasks running in the system. Admins can:
- Monitor the status of tasks.
- Manage task execution and scheduling (Stop, Pause, and Delete).
- Troubleshoot task-related issues.
System Task Cleanup¶
The System Task Cleanup action allows admins to perform maintenance tasks to keep the system running smoothly. After an unexpected system restart the function allows to cleanup tasks in undefined states.
System Jobs¶
The System Jobs section provides management capabilities for all recurring jobs in the system. Admins can:
- Create, edit, and delete jobs.
- Monitor job execution and performance.
- Troubleshoot job-related issues.
Logs¶
Logs are essential for monitoring the activities and diagnosing issues within the DATAMIMIC system. Since DATAMIMIC as a cloud-native app does not store logs internally, they must be retrieved from your container platform. Depending on your deployment (Docker, Kubernetes, etc.), the methods for accessing logs may vary.
Retrieving Logs with Docker¶
For environments using Docker, use the following command to access logs:
1 | |
Replace [container_name] with the name or ID of your DATAMIMIC container. This command will display the logs generated by the DATAMIMIC application running inside the specified Docker container.
Retrieving Logs with Kubernetes¶
If DATAMIMIC is deployed within a Kubernetes cluster, use kubectl to retrieve logs:
1 | |
Replace [pod_name] with the name of the pod running the DATAMIMIC application. This command fetches logs that are crucial for troubleshooting and monitoring the system's behavior in a Kubernetes environment.
Important Notes¶
- Log Persistence: Logs retrieved via Docker or Kubernetes are not persistent and are typically cleared upon container/pod restart. Consider setting up a log management solution that supports log persistence and more sophisticated querying capabilities.
- Access Control: Ensure that access to logs is controlled and restricted to authorized personnel only, as logs may contain sensitive information.
- Real-time Monitoring: For real-time log monitoring, you may integrate with tools like ELK Stack or Splunk, which provide more comprehensive log analysis and visualization features.
Note
For detailed instructions on setting up and configuring log management tools, refer to the respective documentation of the tool you are integrating with.