Managing Projects¶
Create isolated environments with dedicated cloud accounts and budgets in the Supercloud platform.
Overview¶
A project is an isolated cloud operations governance environment with one or multiple cloud accounts -- spanning AWS, Azure, GCP, Alibaba Cloud, OVH, and OpenStack -- and dedicated budgets. Projects provide a way to organize work, control access, and track resources for specific initiatives within the cloud governance and computing platform.
Key Characteristics¶
- Projects are created under RosettaHub organizations
- Users participate in projects through assigned project roles (CPOC, ADMIN, SUPERUSER)
- Each project has its own dedicated cloud accounts, isolated resources, and budgets
- Projects can have multiple cloud accounts spanning different providers
- Roles can be assigned directly to users on a project, or inherited from the organizations they belong to
Management Roles¶
| Role | Description |
|---|---|
| CPOC | View-only access to managers, resources, and connections |
| ADMIN | Full resource access, cannot manage managers or delete project |
| SUPERUSER | Complete control including manager assignment and deletion |
Default Role
When you create a project under a sub-organization, you automatically receive the SUPERUSER role on that project.
Permissions Matrix¶
| Action | CPOC | ADMIN | SUPERUSER |
|---|---|---|---|
| Delete the project | |||
| Add a manager | |||
| Remove a manager | |||
| Set Regions, Instance Types, Services | |||
| Stop All, Terminate All, Cleanup All | |||
| Go to Cloud Console | (read-only) | ||
| Download, Reset credentials | |||
| View project managers | |||
| View cloud resources | |||
| Connect to cloud instances |
Project Rules¶
- Creation Requirements - You must be a manager of at least one organization to create projects
- Naming Convention - Project names must start with the capitalized subdomain of the root organization plus a dash (e.g.,
ACME-WebApp)
Managing Projects¶
Access the Project¶
Go To Project
Access the project workspace by masquerading as the project:
- Select the project
- Click Go To Project
- You'll be logged into the project's context
Cloud Accounts¶
Show Cloud Accounts
View cloud accounts linked to the project:
- Select the project
- Click Show Cloud Accounts
- Cloud Accounts panel opens filtered to project accounts
Manager Assignment¶
Assign Managers
- Select the project
- Click Assign Managers
- Choose users from organizations you manage
- Assign role (cannot exceed your own role)
Role Limitation
You can only assign managers with roles at most equal to your own on that project.
Permissions & Limits¶
Assign Roles
Configure the project's permission perimeter:
- Region roles
- Cloud service roles
- Instance type roles
Set Limits
Set resource limits for all cloud accounts in the project:
- Maximum number of instances
- Maximum disk size
- Maximum storage size
Configuration¶
| Action | Description |
|---|---|
| Set Perspective | Enforce a perspective for all project users |
| Set Billing Code and Purchase Order | Configure financial tracking |
| Customize | Change label, description, and appearance |
Deletion¶
Delete Project
Irreversible Action
Deleting a project:
- Cleans all linked cloud accounts
- Moves cloud accounts to the pool
- Removes all project resources
- Cannot be undone
Requirements:
- SUPERUSER role on the project
- All resources should be backed up before deletion
Use Cases¶
Research Project¶
Create isolated environments for research teams:
- Dedicated compute resources
- Separate budget tracking
- Team-specific permissions
Training Environment¶
Set up temporary environments for courses:
- Controlled access for students
- Budget caps per participant
- Easy cleanup after course completion
Development/Staging¶
Isolate development from production:
- Separate cloud accounts
- Different permission sets
- Independent budget allocation
Best Practices¶
Project Organization
- Use clear, descriptive project names
- Document project purpose and ownership
- Set up billing codes from the start
Access Control
- Grant minimum necessary permissions
- Use CPOC for stakeholders who only need visibility
- Reserve SUPERUSER for project leads
Resource Management
- Set appropriate limits before adding resources
- Monitor budget consumption regularly
- Schedule resource cleanup for time-limited projects
Related Topics¶
- Cloud Operations Overview - The governance layer of the Supercloud
- Managing Organizations
- Managing Cloud Accounts
- Managing Users