| Organizational Role | Recommended Kosli Role | Alternative | Rationale |
|---|---|---|---|
| Platform Engineers | Member | Admin (for leads) | Platform engineers need to set up flows, manage service accounts, configure integrations, and implement Kosli across teams. Member role provides these capabilities. Lead platform engineers managing the overall setup may need Admin access. |
| Application Developers | Member | Reader (for view-only) | Developers typically need to report attestations and manage flows for their applications. Member role enables this. Some developers may only need visibility into deployments and compliance status, making Reader sufficient. |
| Security & Compliance | Admin | N/A | Security and compliance teams need to manage policies, review audit data, control user access, and configure organization-wide settings. Admin role is required for these governance responsibilities. |
| Sponsors | Reader | N/A | Sponsors need visibility into adoption progress, compliance status, and overall system health but don’t need to make technical changes. Reader role provides necessary oversight without operational access. |

Understanding the mapping

This mapping is a starting point. Your organization’s structure and responsibilities may require adjustments:

- Small teams: Developers might need Admin access if they handle all aspects
- Large enterprises: Strict separation may require more Readers, fewer Admins
- Regulated industries: Security teams might need dedicated Admin accounts separate from operations