Team Management
Team management in 9n9s helps you organize users, control access to resources, and streamline collaboration across different groups within your organization. Set up teams based on your organizational structure and assign appropriate permissions.
Teams Overview
Section titled “Teams Overview”Purpose and Benefits
Section titled “Purpose and Benefits”Organizational Structure:
- Mirror your company’s team structure in monitoring
- Group users by department, function, or project
- Create clear ownership boundaries for services and monitors
- Enable team-specific views and workflows
Access Control:
- Control who can view, edit, or manage specific monitors
- Implement least-privilege access principles
- Manage permissions at team and individual levels
- Audit access and activity across teams
Collaboration:
- Team-specific notification channels and escalation
- Shared dashboards and monitoring views
- Cross-team visibility when needed
- Streamlined onboarding for new team members
Team Structure
Section titled “Team Structure”Hierarchical Organization:
Organization: ACME Corp├── Engineering│ ├── Backend Team│ ├── Frontend Team│ └── DevOps Team├── Product│ ├── Product Management│ └── UX Design└── Operations ├── IT Support └── Security TeamRole-Based Access:
- Organization Admins: Full access across all teams and resources
- Team Admins: Manage their team and team resources
- Team Members: Access to team resources based on role
- Viewers: Read-only access to specific resources
Creating and Managing Teams
Section titled “Creating and Managing Teams”Team Creation
Section titled “Team Creation”Create New Team:
// Via Web Interface1. Navigate to Account → Teams2. Click "Create New Team"3. Enter team name and description4. Set initial permissions and access levels5. Add team membersTeam Configuration:
team: name: "Backend Development Team" description: "Responsible for API services and backend infrastructure" parent_team: "Engineering" default_role: "member" settings: auto_join: false external_sync: "active_directory" notification_preferences: default_channels: ["slack-backend"]Team Settings
Section titled “Team Settings”Basic Information:
- Team Name: Descriptive name for the team
- Description: Purpose and responsibilities
- Parent Team: Hierarchical organization (optional)
- Team Lead: Primary contact and administrator
Access Configuration:
access_settings: default_permissions: monitors: "read_write" dashboards: "read_write" alerts: "read_write" settings: "read_only"
inheritance: from_parent: true from_organization: true
external_access: api_access: true webhook_access: trueNotification Settings:
notification_settings: default_channels: - type: "slack" channel: "#backend-alerts" - type: "email"
escalation: primary: ["team_lead", "senior_engineers"] secondary: ["engineering_manager"] external: ["operations_team"]Member Management
Section titled “Member Management”Adding Team Members
Section titled “Adding Team Members”Individual Addition:
// Add existing organization member to teamaddTeamMember({ team_id: "team_123", role: "member", permissions: { monitors: "read_write", dashboards: "read_only", },});Bulk Import:
team_members: role: "admin" title: "Senior Backend Engineer" role: "member" title: "Backend Engineer" role: "viewer" title: "Product Manager"# Import team members from file9n9s-cli teams import-members team_123 --file team_members.ymlUser Roles and Permissions
Section titled “User Roles and Permissions”Team Roles:
| Role | Permissions | Description |
|---|---|---|
| Admin | Full team management | Can manage team settings, members, and all resources |
| Member | Standard access | Can create/edit monitors and dashboards within team scope |
| Contributor | Limited write access | Can create monitors but not modify team settings |
| Viewer | Read-only access | Can view team monitors and dashboards |
Permission Matrix:
permissions: admin: team_management: true monitor_create: true monitor_edit: true monitor_delete: true dashboard_create: true dashboard_edit: true alert_configuration: true billing_access: false
member: team_management: false monitor_create: true monitor_edit: true monitor_delete: own_only dashboard_create: true dashboard_edit: own_and_shared alert_configuration: true billing_access: false
viewer: team_management: false monitor_create: false monitor_edit: false monitor_delete: false dashboard_create: false dashboard_edit: false alert_configuration: false billing_access: falseExternal User Integration
Section titled “External User Integration”Single Sign-On (SSO):
sso_integration: provider: "active_directory" team_mapping: attribute: "department" mappings: "Backend Engineering": "backend_team" "Frontend Engineering": "frontend_team" "DevOps": "devops_team"
role_mapping: attribute: "title" mappings: "Senior Engineer": "admin" "Engineer": "member" "Manager": "admin"SCIM Provisioning:
// Automatic user provisioningscim_config: { endpoint: "https://company.com/scim/v2/", authentication: "bearer_token", team_assignment: "automatic", deprovisioning: "disable_access"}Team-Based Access Control
Section titled “Team-Based Access Control”Resource Ownership
Section titled “Resource Ownership”Team Ownership Model:
resource_ownership: monitors: ownership: "team_or_individual" sharing: "explicit_permission" inheritance: "team_members"
dashboards: ownership: "team_or_individual" sharing: "team_default" inheritance: "team_and_organization"
projects: ownership: "team_only" sharing: "cross_team_allowed" inheritance: "team_admins"Access Inheritance:
# Team members automatically inherit access to:inherited_access: team_monitors: "read_write" team_dashboards: "read_write" team_projects: "read_write" shared_resources: "read_only" organization_resources: "as_configured"Cross-Team Collaboration
Section titled “Cross-Team Collaboration”Shared Resource Access:
# Grant another team access to your resourcesresource_sharing: monitor_id: "mon_abc123" shared_with: - team: "devops_team" permissions: "read_only" - team: "security_team" permissions: "read_write"
sharing_scope: include_historical_data: true include_alert_configuration: falseCollaboration Patterns:
collaboration_examples: infrastructure_monitoring: primary_team: "devops" shared_with: ["backend", "frontend"] permissions: "read_only"
api_monitoring: primary_team: "backend" shared_with: ["frontend", "mobile"] permissions: "read_write"
security_monitoring: primary_team: "security" shared_with: ["all_teams"] permissions: "read_only"Team Workflows
Section titled “Team Workflows”Notification and Escalation
Section titled “Notification and Escalation”Team-Specific Alerting:
team_alerting: primary_channels: - slack: "#backend-alerts"
escalation_policy: level_1: delay: "0m" recipients: ["team_members"] level_2: delay: "15m" recipients: ["team_leads"] level_3: delay: "30m" recipients: ["engineering_manager"]On-Call Management:
on_call_schedule: rotation: "weekly" participants: ["alice", "bob", "charlie"] backup: "team_lead"
schedule: - week: "2024-01-15" primary: "alice" backup: "bob" - week: "2024-01-22" primary: "bob" backup: "charlie"Team Dashboards
Section titled “Team Dashboards”Automatic Team Views:
# Automatically created team dashboardteam_dashboard: name: "Backend Team Overview" auto_generated: true
widgets: - type: "team_monitor_status" title: "Team Monitors" filters: team: "backend_team"
- type: "team_performance" title: "Service Performance" metrics: ["response_time", "error_rate"]
- type: "team_alerts" title: "Recent Alerts" time_range: "24h"Custom Team Workflows:
team_workflows: deployment_monitoring: trigger: "deployment_detected" actions: - create_temporary_monitors - notify_team_channel - schedule_post_deployment_review
incident_response: trigger: "critical_alert" actions: - page_on_call_engineer - create_incident_room - notify_stakeholdersTeam Administration
Section titled “Team Administration”Team Settings Management
Section titled “Team Settings Management”Team Configuration:
# Update team settings via CLI9n9s-cli teams update backend_team \ --description "Backend API and infrastructure team" \ --default-role "member" \ --notification-channel "#backend-alerts"
# Manage team permissions9n9s-cli teams permissions backend_team \ --set monitors=read_write \ --set dashboards=read_write \ --set billing=read_onlyAudit and Monitoring:
team_audit: access_reviews: frequency: "quarterly" auto_remove_inactive: true inactive_threshold: "90d"
activity_monitoring: track_resource_access: true log_permission_changes: true alert_suspicious_activity: trueBulk Operations
Section titled “Bulk Operations”Team-Wide Updates:
# Update all team members' permissions9n9s-cli teams bulk-update backend_team \ --add-permission "dashboard_admin" \ --remove-permission "billing_access"
# Migrate resources between teams9n9s-cli resources migrate \ --from-team "old_backend_team" \ --to-team "new_backend_team" \ --resource-type "monitors"Team Reorganization:
# Reorganize team structureteam_migration: source_teams: ["backend_team", "api_team"] target_team: "platform_team"
resource_handling: monitors: "merge" dashboards: "create_shared_folder" permissions: "union"
member_handling: role_conflicts: "highest_privilege" notification_preferences: "preserve"Integration with External Systems
Section titled “Integration with External Systems”Identity Provider Integration
Section titled “Identity Provider Integration”Active Directory/LDAP:
ldap_integration: server: "ldap://company.com" base_dn: "ou=users,dc=company,dc=com"
team_mapping: attribute: "memberOf" pattern: "cn=([^,]+),ou=teams,dc=company,dc=com"
sync_schedule: "daily" auto_deactivate: trueSAML Integration:
saml_config: identity_provider: "okta"
attribute_mapping: team: "http://schemas.company.com/team" role: "http://schemas.company.com/role" manager: "http://schemas.company.com/manager"
team_creation: "automatic" role_assignment: "attribute_based"HR System Integration
Section titled “HR System Integration”Employee Directory Sync:
// Sync with HR systemhr_integration: { system: "workday", sync_frequency: "daily",
team_mapping: { source_field: "department", mapping_rules: [ { pattern: "Engineering - Backend", team: "backend_team" }, { pattern: "Engineering - Frontend", team: "frontend_team" } ] },
lifecycle_management: { new_hire: "auto_add_to_team", transfer: "update_team_membership", termination: "deactivate_access" }}Best Practices
Section titled “Best Practices”Team Organization
Section titled “Team Organization”Structure Recommendations:
- Align with Organizational Chart: Mirror your company structure
- Keep Teams Focused: Each team should have clear responsibilities
- Avoid Over-Segmentation: Balance security with collaboration needs
- Plan for Growth: Design structure that scales with team growth
Naming Conventions:
Team Naming: [Department] - [Function/Product]Examples:- "Engineering - Backend Platform"- "Engineering - Mobile Applications"- "Operations - Infrastructure"- "Security - Application Security"Access Control
Section titled “Access Control”Security Principles:
- Least Privilege: Grant minimum necessary access
- Regular Reviews: Quarterly access reviews and cleanup
- Separation of Duties: Separate sensitive operations across roles
- Audit Trail: Maintain logs of all access changes
Permission Strategy:
permission_strategy: development_teams: own_services: "full_access" shared_infrastructure: "read_only" security_monitors: "no_access"
operations_teams: all_infrastructure: "full_access" application_monitors: "read_write" security_monitors: "read_only"
security_teams: all_monitors: "read_access" security_monitors: "full_access" audit_logs: "full_access"Collaboration
Section titled “Collaboration”Cross-Team Communication:
- Shared Channels: Common spaces for cross-team issues
- Escalation Paths: Clear chains for issue escalation
- Documentation: Shared runbooks and procedures
- Regular Reviews: Cross-team monitoring effectiveness reviews
Incident Response:
incident_collaboration: notification_tree: L1: "primary_team" L2: "primary_team + team_lead" L3: "primary_team + secondary_teams + management"
response_rooms: auto_create: true include_teams: ["primary", "dependent_services"] invite_stakeholders: "automatic"Troubleshooting
Section titled “Troubleshooting”Common Issues
Section titled “Common Issues”Access Problems:
- User Can’t See Resources: Check team membership and permissions
- Permission Denied Errors: Verify role assignments and resource ownership
- Missing Notifications: Confirm team notification channel configuration
- SSO Integration Issues: Validate identity provider configuration
Team Management:
- Duplicate Team Memberships: Clean up overlapping team assignments
- Orphaned Resources: Identify resources without proper team ownership
- Role Conflicts: Resolve conflicting permissions across teams
- Inactive Users: Regular cleanup of inactive team members
Diagnostic Commands
Section titled “Diagnostic Commands”# Check user's team memberships
# Audit team permissions9n9s-cli teams audit backend_team --show-permissions
# List orphaned resources9n9s-cli resources audit --show-unowned
# Validate team configuration9n9s-cli teams validate --check-permissions --check-notifications