Running an Org
Beyond the per-app surfaces, the dashboard ships org-wide operational tools: alerts, audit, cost, quotas, members, and operator-only views for clusters and providers.
Overview
/dashboard is the home page when you log in.
A four-card status row summarises platform state: number of teams, number of projects, registered apps, and active deployments. A Fleet health card aggregates the latest deployment status across every app. Recent projects and the Activity event stream sit below.
Events and audit
/events is the platform event log — deployment lifecycle, manifest sync, managed-service state changes, ingress reconcile, etc. Filter by event type. Click an event to expand its payload.
/audit is the security-relevant subset: every mutation that changed platform state. Each row records the actor (user or service identity), the action, the target, the decision (allow / deny / require_approval), the request ID, and the structured event data. Filter by action, decision, or actor.
Both pages stream live updates and support a deep-link export — useful when correlating a customer ticket with a specific operator action.
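A triage pass over an exported slice of /audit, as an added example that is not Astrolift's own code: it flags actors with repeated denials and any allow that follows a deny for the same actor, action, and target. The JSON-lines layout, the field names, and the action strings are assumptions, since the page lists the recorded fields but not the export schema.

```python
import json
from collections import defaultdict

# Constructed sample export, one JSON object per line, oldest first.
# Field names and action strings are assumptions, not Astrolift's schema.
SAMPLE_EXPORT = """\
{"request_id":"req-101","actor":"user:alice","action":"app.deploy","target":"app/checkout","decision":"allow"}
{"request_id":"req-102","actor":"svc:ci-runner","action":"role.grant","target":"team/payments","decision":"deny"}
{"request_id":"req-103","actor":"svc:ci-runner","action":"role.grant","target":"team/payments","decision":"deny"}
{"request_id":"req-104","actor":"user:bob","action":"quota.update","target":"org/acme","decision":"require_approval"}
{"request_id":"req-105","actor":"svc:ci-runner","action":"role.grant","target":"team/payments","decision":"allow"}
{"request_id":"req-106","actor":"user:bob","action":"app.delete","target":"app/checkout","decision":"deny"}
"""
REQUIRED = {"request_id", "actor", "action", "target", "decision"}

def parse_rows(text):
    """Parse the export, failing loudly on a row that lacks an audit field."""
    rows = []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        row = json.loads(line)
        missing = REQUIRED - set(row)
        if missing:
            raise ValueError(f"line {n}: missing {sorted(missing)}")
        rows.append(row)
    return rows

def repeated_denials(rows, threshold=2):
    """Map each actor with >= threshold denied requests to those request IDs."""
    denied = defaultdict(list)
    for r in rows:
        if r["decision"] == "deny":
            denied[r["actor"]].append(r["request_id"])
    return {a: ids for a, ids in denied.items() if len(ids) >= threshold}

def deny_then_allow(rows):
    """Request IDs of allows that follow a deny for the same actor/action/target."""
    seen_denied, flagged = set(), []
    for r in rows:
        key = (r["actor"], r["action"], r["target"])
        if r["decision"] == "deny":
            seen_denied.add(key)
        elif r["decision"] == "allow" and key in seen_denied:
            flagged.append(r["request_id"])
    return flagged

if __name__ == "__main__":
    rows = parse_rows(SAMPLE_EXPORT)
    print(repeated_denials(rows), deny_then_allow(rows))
```

A flagged request ID is a starting point for review: look up the role bindings or approvals recorded between the deny and the later allow.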
Alerts
/alerts is the alert-rule + firing-event console.
Three summary cards at the top: total rules (and how many active), unresolved firing events, total events in the current window.
The Rules table lists every rule: name, target (app / env / workload / global), severity (info / warn / critical), creation time, active state. The bell icon at the row start flips between green (active) and muted (disabled).
New rule opens a sheet with:
- Name — short slug-style identifier.
- Target — what scope the rule watches. global rules ignore the target ID; the dashboard disables the field when you pick global.
- Target ID — app slug, env name, or workload slug depending on target. Backend rejects non-empty values for global.
- Severity — info / warn / critical.
- Predicate — JSON describing what event pattern fires the rule. Validated as you type; parse errors surface inline.
- Notify channels — JSON describing where firing events go (Slack channel, email list, webhook URL).
The Recent events table shows firing instances: severity dot, summary, fired-at, and state (firing → acknowledged → resolved). Ack silences a firing event while you investigate; the rule loop resolves it once the underlying condition clears.
The acknowledge mutation is idempotent — clicking Ack twice is a no-op. The rule loop also rejects firing on a global rule with a non-empty target ID; the dashboard's input gating mirrors that rule.
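A pre-check for rule definitions kept in version control, as an added example that is not Astrolift's own code: it applies the constraints the New rule sheet describes (target and severity values, the empty target ID on global rules, parseable JSON) and models the idempotent Ack. The dictionary keys, the slug pattern, the required target ID on non-global rules, and the predicate and channel contents are assumptions.

```python
import json
import re

TARGETS = {"app", "env", "workload", "global"}
SEVERITIES = {"info", "warn", "critical"}
SLUG = re.compile(r"^[a-z0-9]+(?:-[a-z0-9]+)*$")  # assumed shape of a slug-style name

def check_rule(rule):
    """Return a list of problems; an empty list means the rule passes the pre-check."""
    errors = []
    if not SLUG.match(rule.get("name") or ""):
        errors.append("name: not slug-style")
    target, target_id = rule.get("target"), rule.get("target_id") or ""
    if target not in TARGETS:
        errors.append(f"target: {target!r} is not one of {sorted(TARGETS)}")
    elif target == "global" and target_id:
        # The backend rejects this combination; catch it before submitting.
        errors.append("target_id: must be empty for a global rule")
    elif target != "global" and not target_id:
        # Assumption: a scoped rule needs the slug or env name it watches.
        errors.append(f"target_id: required for target {target!r}")
    if rule.get("severity") not in SEVERITIES:
        errors.append(f"severity: must be one of {sorted(SEVERITIES)}")
    for field in ("predicate", "notify_channels"):
        try:
            json.loads(rule.get(field) or "")
        except json.JSONDecodeError as exc:
            errors.append(f"{field}: invalid JSON at line {exc.lineno} column {exc.colno}")
    return errors

def ack(state):
    """firing -> acknowledged; a repeat Ack is a no-op.
    Leaving a resolved event untouched is an assumption."""
    return "acknowledged" if state == "firing" else state

# Constructed rule definitions; predicate and channel keys are hypothetical.
GOOD_RULE = {
    "name": "checkout-deploy-failed",
    "target": "app",
    "target_id": "checkout",
    "severity": "critical",
    "predicate": '{"event_type": "deployment.failed"}',
    "notify_channels": '{"slack": "#oncall"}',
}
# Switching to global while keeping the target ID, plus a truncated predicate.
BAD_RULE = dict(GOOD_RULE, target="global", predicate='{"event_type": ')

if __name__ == "__main__":
    print(check_rule(GOOD_RULE), check_rule(BAD_RULE))
```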
Cost
/cost rolls up daily cost snapshots across the platform. Pick a window (last 7 / 30 / 90 days) and the page renders a stacked area chart by cost category, plus a per-app table of cost contribution.
Cost data comes from the cloud's pricing API — Astrolift never guesses or hard-codes prices. If your install hasn't yet wired credentials for the cost-collection job, the page renders a configuration empty state with operator instructions.
Quotas
/quotas shows your install's resource ceilings: per-org caps on apps, environments, deploy concurrency, preview environments, managed services, and the rolling cost ceiling. Each row displays current usage vs the ceiling with a coloured bar.
Quotas are enforced at mutation time — exceeding a ceiling causes the relevant create* mutation to return a QUOTA_EXCEEDED error.
Members
/members is the org-wide identity surface: members, role bindings, and pending invitations.
The Members card lists every signed-in user with their primary scope (org / team / project / app), join time, and last-seen timestamp. Soft-delete removes the user from the org without breaking historical audit trails.
The Role bindings card lists every grant: user (or external group ID), role slug, scope kind + ID, grant time, expiry. Grant role opens a sheet with a user-PK input, role picker, and scope picker; the scope kind is locked to the chosen role's scopeLevel.
Pending invitations live in their own card. Each row shows the invitee email, the role slug, expiry, and the inviter. Revoke a pending invitation if you change your mind before they accept.
Settings
/settings/organization is org-wide identity + retention defaults.
- General — display name, website. Slug is immutable.
- Retention defaults — audit log retention days, preview env cap, app log retention. New apps inherit these; existing apps keep their own values until explicitly edited.
- User policies — toggle whether members can edit their own profile (turn off for SSO-only deployments where the IdP is the source of truth).
/settings/identity-provider configures OIDC / SAML / SCIM. The active IdP drives login behaviour for everyone in the org.
Operator views
These pages are visible only to operators (typically the install's platform team).
/clusters lists every tenant Kubernetes cluster the platform can deploy onto, showing status, provider plugin (k8s_native / EKS / GKE / AKS), region, ingress class, and last capability probe.
Click a row to open /clusters/<slug> for the per-cluster detail: connection (API endpoint, auth method, ingress class, registered timestamp) and the capabilities probe output (the JSON the provider plugin reports about cluster features).
/providers lists registered provider plugins and their configuration. /source-providers does the same for SCM connections that apps can register against.
When in doubt
The CLI mirrors most of these surfaces: astro alerts list, astro cost, astro audit, and astro members. The dashboard is faster for browsing and editing; the CLI is faster for scripting and CI.