Skip to main content

Documentation Index

Fetch the complete documentation index at: https://budecosystem-b7b14df4.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Access Model

Bud access control is built on layered decisions:
  1. Authentication confirms identity.
  2. User type and role define baseline capabilities.
  3. Global scopes decide module-level actions.
  4. Project scopes refine access inside shared projects.

User Types

  • Admin: Platform operations, governance, and cross-module management.
  • Client: Project and deployment workflows within allowed boundaries.

Roles

Common roles include:
  • super_admin
  • admin
  • developer
  • devops
  • tester
  • user
Roles are organizational presets; effective access is determined by assigned permissions.

Permission Scopes

Most modules use paired scopes:
  • module:view
  • module:manage
Examples:
  • model:view, model:manage
  • project:view, project:manage
  • cluster:view, cluster:manage
  • benchmark:view, benchmark:manage
  • user:view, user:manage

Project Scope Inheritance

Project sharing extends access to resources inside that project.

User Lifecycle States

StateMeaningTypical Action
invitedAccount created, pending first loginResend invite if needed
activeUser has authenticated and can operateMonitor usage and permissions
deletedUser is deactivatedRecreate or restore through admin process

Security Design Principles

Least Privilege: Start with view scopes and elevate only when needed.
Separation of Duties: Split operational and governance responsibilities.
Reviewability: Keep permissions understandable and auditable.
Revocability: Remove access quickly through user deactivation and scope edits.