LaunchDarkly's basic role-based permission system provides global access control levels for team members based on a set of built-in roles (reader, writer, or admin / owner). Customers on enterprise plans also have access to LaunchDarkly's custom roles system. Custom roles allow you to create flexible policies providing fine-grained access control to everything in LaunchDarkly-- from feature flags to goals, environments and teams. With custom roles, it's possible to enforce access policies that meet your exact workflow needs. For example, you can:
- Lock your production environment down to a small set of trusted users
- Distinguish infrastructure-level feature flags (controlled by your devOps team) from experiments (controlled by product management or marketing)
- Allow QA members to control feature flags on designated QA environments only
Our custom role system is inspired by AWS Identity and Access Management (IAM), so if you're familiar with IAM, you'll see a few similarities.