Developer-oriented cloud infrastructure provider DigitalOcean Holdings Inc. today announced updates to its role-based access control for streamlined company security and operations.

Digital Ocean’s role-based access control is a method for managing the use of access to systems and resources within an organization by assigning permissions to roles rather than to individual users. The updates today offer a new set of predefined roles that make it easier for DigitalOcean administrators to provide a customizable level of access to their individual users.

With RBAC, users are assigned roles based on their job responsibilities, qualifications and expectations. With the new predefined roles, DigitalOcean customers can build on the existing basic roles — owner, member and biller — which are designed to fit the most common use cases requested by customers.

The new roles include Modifier, a role that allows users to update resources without the ability to delete them, making it suitable for teams that need to protect sensitive resources from accidental deletion while still enabling management.

A new Billing Viewer role provides read-only access to billing information, offering insight into cost analysis, transparency and governance without exposing sensitive operational controls. The third new role, the Resource Viewer role, grants read-only access to resources and is ideal for audit or compliance purposes, with no permissions to create, update or delete resources.

The additional roles are said to simplify permission management and enhance security by ensuring that users have only the access necessary to perform their job functions.

“Scaling your business means adding developers and other job functions to your teams, but we believe that should not mean adding complexity in managing identity and access,” said Chief Information Security Officer Tyler Healy. “With our new predefined roles, you can assign privileges in a way to minimize risk and meet audit or compliance requirements.”

Along with the announcement today, DigitalOcean also teased a number of things it’s working on that are expected to be formally revealed in the coming months.

The planned features include per-bucket Spaces access keys that provide Spaces bucket access keys on a per-bucket basis. There will also be RBAC custom roles that allow customers to configure custom, persistent, reusable permission sets for their business needs that are not met by RBAC predefined roles.

Image: DigitalOcean