Projects
Projects are used to organize and control access to resources in Chariot. Projects are grouped into organizations. A user can be a member of multiple organizations, and, within each organization, they can be a member of zero or more projects. Each user's permissions are defined by their role in an organization and in the project.
Creating a Project
To create a project, click the +New Project button in the upper-right corner of Chariot.
Use the promps to provide the following information:
-
Organization: Pick an organization that you have permission to add the project to.
-
Name: The project name that you use will be visible to all users who have access.
-
Description: Briefly describe the project.
-
Visibility: Set the project to public, private, or restricted.
Click Create Project. Once the project has been created, you can add new users to it. The creator will automatically be added as an owner.
When you select your project on the main page, you will get an overview page with several tabs that contain meaningful information about the project.
-
Users and Access: This tab displays all users with access to this project. Click Add User to add new users to the project.
-
Secrets: You can use this tab to manage project-level secrets.
Click the drop-down arrow on the right side of the project page under the Project button to bookmark, update, or delete the project.
Project Secrets
Secrets are crucial for securely managing sensitive information such as API keys, passwords, tokens, and certificates. These secrets are necessary to protect access to external services, databases, and internal systems, ensuring that only authorized entities can interact with these resources. By securely storing and managing secrets, these platforms help maintain the confidentiality, integrity, and availability of sensitive data, allowing for secure and seamless operations within various software environments.
How do I create a secret, and who has access to it?
To make a secret, navigate to a project of your choice and click on the Secrets tab. From there, you can follow the wizard to create either a single variable or an s3 connection. Users who have read access to this project will be able to view the secret's existence but not the values. Users with write permission will be able to modify the values for the secret.
How do I access a secret?
Currently, you can only use secrets through the API. This can be helpful if you want to reference the secrets within a Workspace. We plan to allow services like datasets or models to use these project-level secrets in the future. To use the API, you will need to set your authorization header so that it contains bearer \[your-token\], which can be found on your profile.
The following API request will list out all of the secrets of that project:
GET https://<HostName/>/api/identity/v2/settings/project/[project-id]/?sort=name&desc=false
You will get a payload that looks similar to the following JSON:
{
"data": [
{
"_id": "2kFmBSWjqxWEGarZC9kkeYOpgMD",
"_key": "secret/Custom/2kFmBSWjqxWEGarZC9kkeYOpgMD",
"_type": "secret/Custom",
"_updated_at": 1722887562,
"name": "test",
"value": "********"
}
]
}
To retrieve the actual content of a secret, you will need the _key. Note that the ?raw=true query parameter is needed to get the real value out of the secret. Only people with write access will get a response from this API call:
GET https://<HostName/>/api/identity/v2/settings/project/[project-id]/[key]?raw=true