DO Ideas 2

Team accounts with fine grain control

Continuing from, that is great for multiple developers.

However, I would like to set a billing contact from our finance department who is not a developer and I don't want to give access to anything but billing.

As well as that, I am sure there are other use cases were a team lead might want to do one of the following:
- restrict access to certain servers to certain users
- or have an infrastructure employee restrict dev servers to developers, staging servers to devs and testers, and then prod/live to minority of devs, for example

Sum up:
- Ability to assign finance, infra (for downtime, maintenance work etc.), account super admin users with different abilities.
- Ability to assign a users to a account group.
- Ability to restrict droplets to certain users or user groups, and then that users abilities can be view, edit/view, or all access.


  • C
  • Sep 11 2018
  • Attach files
  • Fardin K. commented
    September 11, 2018 16:49

    At out scale, we don't need permissions per droplet; but I am concerned with the level of access a biller has. Adding another level (e.g. manager) would also be nice, accompanying a more limited access for developers (i.e. no destroy droplet or remove snapshot or back up permissions).

    Anyways a permission based system seems to be in order :)

  • Phil commented
    September 11, 2018 16:49

    It could look like the domain name system : technical contact, admin contact, billing contact, owner…

  • Anonymous commented
    September 11, 2018 16:49

    Related to Team Accounts but permit members to have access to accouning/billing etc info as determined by account holder.

  • Safeharbour commented
    September 11, 2018 16:49

    Hi guys, we have something that may be of use to the rest of the DO community:,
    its called SafeHarbour Buoy, and should be able to address fine grained control and
    collaboration with contractors.

  • Julien Meunier commented
    September 11, 2018 16:49

    What is really needed is the ability to control permissions for each team member on a per-droplet basis. My MAJOR concern now, before I can start using the team feature, is the ability for my team members to DESTROY droplet. I just can't give this permission...

    To summurize:

    - Ability to control which team member has access to each droplet
    - Ability to control whether a member can or CANNOT destroy a droplet
    - Ability enable / disable the creation of new droplets for each team member

    Without these, I unfortunately can't use the team feature.

  • Arcadina commented
    September 11, 2018 16:49

    An accounting permission will be appreciated, to enable only a certain users to access billing information. Thanks.