Manage Organizations and Access

  • concept
    All databases in Couchbase Capella are grouped into organizations and projects. You can add projects to organizations to group related databases together. Use organization roles and project roles to control your users' access.
    In the v4 Management API, databases are called clusters.

    About the Capella Hierarchy

    Couchbase Capella uses an organizational hierarchy to help you keep all of your data organized and securely accessible. At the top of the hierarchy is an organization. Everything you do in Capella, from creating a database to managing billing, happens inside the scope of an organization.

    All projects exist inside an organization. Use projects to group and manage databases inside Capella. For example, you could use projects to create separate environments for production and development or group your databases by application:


    About Organizations

    Add users to an organization by sending them invitations. Users can create a new Capella account when they receive an invitation to an organization. Users can join organizations with an existing Capella account.

    When you create a new Capella account without an invitation to an existing organization, Capella automatically creates a new organization for you, named My Organization.

    All users in an organization are assigned 1 or more organization roles. Use organization roles to control user access and privileges inside an organization for the Capella UI. Organization roles set whether a user can create a new project, invite new users, or view billing information in the UI.

    For example, if a user has the Organization Member role, they cannot manage API keys or view billing information in the Capella UI.

    For more information about the available organization roles in Capella, see Organization Roles.

    About Projects

    Create projects inside an organization to organize databases and control user access to databases.

    Add a user to a project as a collaborator to set project roles and control their privileges for databases inside that project. Project roles can set whether a user can read and write data on databases, only read data, or only configure and delete databases.

    For example, if a user only has the Project manager project role, they cannot use the Data Tools tab to access and modify data for databases in that project.

    If that same user had the Cluster Data Reader/Writer project role in the same project, they could use the Data Tools tab to access and modify data on databases in that project.

    For more information about the available project roles in Capella, see Project Roles.

    Programmatic and Application Access

    Control programmatic and application-level access to data on your databases with database access credentials. You can choose specific buckets and scopes for your database access credentials to limit access to data.

    Create database access credentials for each database in a project. You can only create database access credentials if you have the Project Owner role for that database’s project.