Author: Rowan Haddad

Article

Jul 19, 2021
5min read

Fun with Flags: Access Control

Rowan Haddad

Rowan Haddad

Share on

LinkedIn Facebook Twitter

In the previous post in this series, we mentioned how important it is to adhere to naming conventions to keep track of your flags, such as who created them and for what purpose.

We also mentioned that in a worst case scenario without such conventions, someone could accidentally trigger the wrong flag inciting disruptions within your system.

This brings us to why it’s also essential to manage and control who has access to the flags in your system. Without access control, you might also risk someone switching on a faulty feature and going live to your user base.

Consequently, access control should be used to manage the level of control people across your organization have and restrict usage if necessary.

The general rule of thumb is to only give users the kind of access they require to do their job, not more and not less.

Let’s look at a practical example…

AB Tasty, for example, offers a feature flagging functionality that is designed to be used by product and marketing teams as well as developers while offering fine control over user access.

access management

As you can see in the image above, there are different categories of access under ‘Role’ in the AB Tasty dashboard. There are 4 categories overall, which are divided as follows: 

  • SuperAdmin- this is the category with the highest access privileges. The SuperAdmin can do anything from creating a project to toggling on/off a use case as well as access reporting.
  • Admin- the Admin can do almost anything a SuperAdmin can except create, delete or rename a project
  • User 
  • Creator 
  • Viewer 

User, Creator and Viewer have varying but lower levels of access with Viewer having the lowest level of access.

It’s essential that as your use-cases grow and as you go further along the feature flag journey, you are able to manage access for users at a detailed level.

This is also useful when you’ve scheduled regular flag clean-ups to avoid technical debt. By implementing access control, you’ll minimize the risk of having someone on your team accidentally delete a permanent flag. Similarly, it allows teams to track short-lived flags they created so that they can delete them from your system to avoid accumulation of technical debt.

This way, each flag owner would be responsible for assessing the flag they own and keep tabs on it by grouping flags by owner instead of allocating the task of auditing the entire set of flags in your system at random.

Determining who gets access to what

As you’ve seen so far, different teams within your organization could and should have different levels of visibility and access to flags.

Once you’ve decided who gets access to which flags, you’ll need to consider how to control access.

Are technical teams the only ones allowed to make changes or will other teams such as your product and marketing teams get access to flags too? If so, you might need a sophisticated control panel to help them make changes.

Opting for feature flags as a service from a third party will make this process easier rather than building your own system as such services would provide you with a rich UI control panel without costing you too much time and money.

In contrast, building your own advanced feature flag service could drain your resources, especially as your use cases become more advanced and as more of your teams start using this service simultaneously.

Read more about whether you’re better off building or buying a feature flagging management system.

Audit logs

One way to track changes and control access to feature flags is by constructing an audit log. Such a log would help you keep track of all changes being made to each feature flag, such as who made the changes and when.

It allows for complete transparency, giving full visibility over the implementation of any feature flag changes in your system.

Because flag configuration carries risk, having an audit trail of change is crucial, especially when flags are being used in a highly regulated environment such as in finance or healthcare.

Thus, this makes the process more secure when you restrict access to the number of people allowed to make changes to sensitive flags.

Why does this matter?

At this point, you may be wondering why you should even be considering giving all your teams, especially your non-technical teams access to feature flags.

While your team of developers are the ones who create these flags, it is usually your marketing or product teams who will decide when to release a feature and for what purpose. They are the ones that are working closely with your customers and know their needs and preferences.

It is usually the case that your marketing team is the one forming these experiments in the first place to test out a new idea and this team would know who are the most relevant users to test on.

Therefore, the marketing team would often be the one who’s handling the experimental toggles, for example, to run A/B tests.

Meanwhile, operational toggles such as a kill switch are usually handled by the operations team.

When you have a clear-cut UI panel, you are restricting what those teams can do so each team focuses on managing the flags they’re actually responsible for without allowing any room for error.

A management system should allow you to keep track of your toggles, who created them and who can flip them on and off safely.

Conclusion

It’s important that you ensure you have full visibility over the flags in your system and that everyone across your teams know their level of responsibility when it comes to implementing feature flags.

Most sophisticated feature management solutions provide role-based access controls as well as an audit log for flags and contributors for increased transparency over your flags.

With such solutions, you would have an easy to use interface that allows you to expand feature management beyond your development team in a safe and controlled manner.

Share on

LinkedIn Facebook Twitter

Subscribe to
our Newsletter

bloc Newsletter EN

We will process and store your personal data to respond to send you communications as described in our  Privacy Policy.

Article

Jul 12, 2021
6min read

Fun with Flags: Naming Conventions

Rowan Haddad

Rowan Haddad

Share on

LinkedIn Facebook Twitter

Feature flags are an indispensable tool to have when it comes to software development and release that can be used for a wide range of use-cases.

You know the saying ‘you can never have too much of a good thing’? In this case, the opposite is true. While feature flags can bring a lot of value to your processes, they can also pose some problems particularly if mismanaged. Such problems particularly come about when using an in-house feature flagging platform.

In this series of posts of ‘Fun with Flags’, we will be introducing some essential best practices when it comes to using and implementing feature flags.

In this first post, we will focus on an important best practice when it comes to keeping your flags organized: naming your flags.

What are feature flags?

First things first, let’s start with a brief overview of feature flags.

Feature flags are a software development practice that allows you to turn certain functionalities on and off to safely test new features without changing code.

Feature flags mitigate risks of new releases by decoupling code deployment from release. Therefore, any new changes that are ready can be released while features that are still a work-in-progress can be toggled off making them invisible to users.

There are many types of feature flags, categorized based on their dynamism and longevity that serve different purposes. 

As the number of flags within your system grows, the harder it becomes to manage your flags. Therefore, you need to establish some practices in order to mitigate any negative impact on your system. 

It is because of these different categories of flags that establishing a naming convention becomes especially important. 

Click here for our definitive guide on feature flags.

What’s in a name?

Defining a name or naming convention for your flags is one essential way to keep all the different flags you have in your system organized.

Before creating your first flag, you will need to establish a naming convention that your teams could adhere to when the time comes to start your feature flag journey. Thus, you need to be organized from the very beginning so as not to lose sight of any flags you use now and in the future.

The most important rule when naming your flags is to try to be as detailed and descriptive as possible. This will make it easier for people in your organization to determine what this flag is for and what it does. The more detailed, the less the margin for confusion and error.

We suggest the following when coming up with a naming convention:

  • Include your team name– this is especially important if you come from a big organization with many different teams who will be using these flags.
  • Include the date of creating the flag– this helps when it comes to cleaning up flags, especially ones that have been in your system for so long that they’re no longer necessary and have out-served their purpose.
  • Include a description of the flag’s behavior.
  • Include the flag’s category– i.e. whether it’s permanent or temporary.
  • Include information about the test environment and scope as in which part of the system the flag affects.

Let’s consider an example…

Let’s say you want to create a kill switch that would allow you to roll back or turn off any buggy features. 

Kill switches are usually long-lived so they may stay in a codebase for a long time, meaning it is essential the name is clear and detailed enough to keep track of this flag since its use can extend across many contexts over a long period of time.

The name of such a flag could look something like this:

algteam_20-07-2021_Ops_Configurator-killswitch

Following the naming convention mentioned above, the first part is the name of the team followed by the date of creation then the category and behavior of the flag. In this case, a kill switch comes under the category of operational (ops) toggles.

Using such a naming convention allows the rest of your teams across your organization to see exactly who created the flag, for what purpose and how long it has been in the codebase.

Why is this important?

Sticking with such naming conventions will help differentiate such long-lived flags from shorter-lived ones. 

This is important to remember because an operational toggle such as a kill switch serves a vastly different purpose than, for example, an experiment toggle.

Experiment toggles are created in order to measure the impact of a feature flag on users. Over the course of your feature flag journey, you may create numerous flags such as these to test different features.

Without an established and well-thought out naming convention, you’ll end up with something like ‘new-flag’ and after some time and several flags later, this naming system becomes tedious and repetitive to the point when you cannot determine which flag is actually new.

In this case, you might want to opt for something more specific. For example, if you want to test out a new chat option within your application, you’ll want to name it something akin to:

Markteam_21-07-2021_chatbox-temp

Such a name will clue you into who created it and what this flag was created for, which is to test the new chat box option and of course, you will know it’s a temporary flag. 

This way, there will be no more panic from trying to figure out what one flag out of hundreds is doing in your system or ending up with duplicate flags.

Or even worse, someone on your team could accidentally trigger the wrong flag, inciting chaos and disruption in your system and ending up with very angry users.

Don’t drown in debt

Making a clear distinction between the categories of flags is crucial as short-lived, temporary flags are not meant to stay in your system for long.

This will help you clean up those ‘stale’ flags, otherwise they may end up clogging your system giving rise to the dreaded technical debt

To avoid an accumulation of this type of debt, you will need to frequently review the flags you have in your system, especially the short-lived ones.

This would be no easy task if your flags had names like ‘new flag 1’, ‘new flag 2’, and well, you get the gist.

A wise man once said…

…“the beginning of wisdom is to call things by their proper name” (Confucius). In the case of feature flags, this rings more true than ever. 

Whatever naming convention you choose that suits your organization best, make sure that everyone across all your teams stick to them.

Feature flags can bring you a world of benefits but you need to use them with caution to harness their full potential. 

With AB Tasty’s flagging functionality, you can remotely manage your flags and keep technical debt at bay by providing you with dedicated features to help you keep your feature flags under control.

For example, the Flag Tracking dashboard within the AB Tasty platform lists all the flags that are set up in your system so you can easily keep track of every single flag and its purpose.

Sign up for a free trial today and see for yourself!  

Share on

LinkedIn Facebook Twitter