Organizations in the Verta platform help you manage access to entities while facilitating collaboration across teams within your organization. The entities include datasets, projects (experiment runs), registered models, endpoints, and monitored entities.
There are two types of workspaces:
- Personal workspace - When a user signs up with the platform, they are assigned a personal workspace by default which is named after their user-id. . Any entity created within your personal workspace can only be accessed by you. You can selectively share entities with other users by adding them as collaborators.
- Organization workspace - Organizations provide isolated and central workspace for all the team members to build and deploy models. An organization has admins and members. Admins have complete administrative access to your organization, while members are the default role for everyone else. You can manage access permissions for multiple members at a time by creating teams.
Users can select a default workspace and every time they log in to the web app, that workspace is their default view. Workspaces can be switched using the dropdown in the top right-hand section. The first organization a user is added to becomes their default workspace. Users can also change their default workspace by clicking on the favorite icon in the workspace selection menu.
When using the client library, if the workspace is not specified while creating a project, registering a model, or deploying an endpoint, the client logs those entities in your default workspace.
Here is the list of the entities and available permission levels:
Read, Write, Delete, Invite Collaborators
Projects (Experiment Runs)
Read, Write, Delete, Invite Collaborators, Deploy Experiment Run
Model Catalog (Registered Models)
Read, Write, Delete, Invite Collaborators, Deploy Registered Model
Read, Write, Delete, Invite Collaborators, Predict Endpoint
Here is the list of different user roles available on the platform:
Full access to the Organization and all the entities.
The default access level is set by the Org admin. Org members can be invited as collaborators to specific entities.
Individuals and teams who have full access to specific entities (Read, Write, Delete, Invite Collaborators, Deploy, Predict endpoint)
Individuals and teams are added to specific entities and are assigned different permissions
Full access to a team (update, delete, and invite members)
Inherit access that is given to the team
An org admin can set a default permission level for entities within the org that applies to all the organization members. The baseline permissions can be set when an org is created or can be updated later in the roles and permissions tab in the org setting.
Different baseline permissions available are the following:
- Private - All the entities are created private. Only org admin and entity creators can access them. Other members and teams need to be invited as collaborators to individual entities.
- Read - Org members have read-only access to entities in the org
- Write - Org members have read/write access to entities in the org
- Admin - Org members have entity admin access that includes read, write, delete, deploy and invite collaborators.
Org admins can configure advanced baseline permissions that are applicable to specific entity types. Those permission are:
- Deploy project - Ability to deploy an experiment run from a project
- Deploy registry - Ability to deploy a registered model version from the model registry
Each entity inherits the org baseline permissions set by the org admin. Additionally you can invite collaborators and add entity admins by going to the settings tab for the entity.
- Entity admins - The creator is by default the entity admin. Additionally more entity admins can be invite. They would have full access to that entity that includes read, write, delete, deploy, predict, invite/remove collaborators, invite/remove other entity admins.
- Internal collaborators - Org members can be added as collaborators and they can be given read, write, deploy and predict permissions.
- External collaborators - Users outside the organization can also be added to individual entities and they can be given read, write, deploy and predict permissions.
Org admins have compete access over the organization. Org creator is org admin by default. The platform supports multiple org admins. There should be at least one org admin in the org.
The actions that the org admins can take are the following:
- Update org details
- Delete org
- Invite members and org admins
- Remove members and org admins
- Create teams and invite team members
- Full access to all the org entities that includes read, write, delete, deploy, predict, invite/remove collaborators, invite/remove entity admins