LogoLogo
Login to CortexBook a DemoCortex Academycortex.io
  • Cortex Docs
  • Cortex Quick Start
  • Ingesting data into Cortex
    • Managing Entities
      • Adding entities
        • Add services
        • Add domains
        • Add teams
        • Add custom entity types
        • Defining dependencies
      • Entity details page
      • Defining ownership
      • Defining relationship types
      • Grouping entities
      • Adding external documentation
      • Adding Deploy data
      • Adding custom data
      • Viewing discovered entities
      • Archiving entities
      • Relationship graph
      • Using On-call Assistant for incidents
      • Managing Terraform infra in Cortex
    • Managing Catalogs
    • Integrations
      • Internally hosted integrations
      • ArgoCD
      • AWS
      • Azure DevOps
      • Azure Resources
      • BambooHR
      • Bitbucket
      • BugSnag
      • Buildkite
      • Checkmarx
      • CircleCI
      • ClickUp
      • Codecov
      • Coralogix
      • Custom webhook integrations
      • Datadog
      • Dynatrace
      • Entra ID (Azure AD)
      • FireHydrant
      • GitHub
      • GitLab
      • Google
      • Grafana
      • incident.io
      • Instana
      • Jenkins
      • Jira
      • Kubernetes
      • LaunchDarkly
      • Lightstep
      • Mend
      • Microsoft Teams
      • New Relic
      • Okta
      • Opsgenie
      • PagerDuty
      • Prometheus
      • Rollbar
      • Rootly
      • Sentry
      • ServiceNow
      • Slack
      • Snyk
      • SonarQube
      • Splunk Observability Cloud (SignalFx)
      • Splunk On-Call (VictorOps)
      • Sumo Logic
      • Veracode
      • Wiz
      • Workday
      • xMatters
  • Scorecards
    • Initiatives and Action items
      • Creating issues based on Initiatives
    • Scorecard rule exemptions
    • Scorecard rule filters
    • Scorecard examples
    • Scorecards as code
  • Reports
    • Executive report
    • All Scorecards report
    • Bird's eye report
    • Progress report
    • Report card
  • Eng Intelligence
    • Custom Metrics
    • Jira Metrics
    • Metrics Explorer (Beta)
  • Cortex Query Language (CQL)
    • Using CQL reports
    • Using JQ in Cortex
  • Workflows
    • Creating a Workflow
      • Workflows as code
    • Blocks
    • Running a Workflow
    • Registering a Scaffolder template
      • Scaffolder advanced usage
    • Using a Workflow to sync in ArgoCD
    • Kicking off a Jenkins pipeline in a Workflow
    • Calling internal service endpoints in a Workflow
  • Plugins
    • Creating a plugin
      • Creating a plugin proxy
    • Migrating Backstage plugins to Cortex
  • Engineering homepage
  • Workspace Settings
    • Using GitOps for Cortex
      • GitOps logs
    • Managing users
      • Roles and permissions
        • Custom roles
        • Team ownership entity editing
      • Configuring SSO
        • Microsoft Entra ID
        • Google
        • Other OIDC providers
        • Okta
          • Okta SCIM
      • Configuring identity mappings
      • Onboarding management
    • API keys, secrets, and tokens
      • Secrets
      • Personal tokens
    • Audit logs
    • Entity settings
      • Data verification
      • Auto archiving entities
    • IP allowlist
    • Notifications
      • Notification logs
    • Customizing your workspace
    • Using search in Cortex
  • Cortex API
    • REST API operations
      • API Keys
      • Audit Logs
      • Catalog Entities
      • Custom Data
        • Custom Data (Advanced)
      • Custom Events
      • Custom Metrics
      • Dependencies
      • Deploys
      • Discovery Audit
      • Docs
      • Eng Intel: User Labels
      • Entity Relationship Types (Beta)
      • Entity Relationships (Beta)
      • Entity Types
      • GitOps Logs
      • Groups
      • Initiatives
      • Integrations APIs
        • Azure Active Directory (Entra ID) API
        • Azure Resources API
        • AWS API
        • Azure DevOps API
        • CircleCI API
        • Coralogix API
        • Datadog API
        • GitHub API
        • GitLab API
        • incident.io API
        • LaunchDarkly API
        • New Relic API
        • PagerDuty API
        • Prometheus API
        • SonarQube API
      • IP Allowlist
      • Notification Logs
      • On call
      • Packages
      • Plugins
      • Queries
      • SCIM
      • Scorecards
      • Secrets
      • Team Hierarchies
      • Teams
      • Workflows
Powered by GitBook
On this page
  • Where to view entity owners
  • Define owners for entities
  • Automatic discovery for AWS
  • Viewing entity ownership
  • View your owned entities
  • View a team's owned entities
  • View entities owned by all teams within a hierachy
  • Ownership settings in Cortex

Was this helpful?

Export as PDF
  1. Ingesting data into Cortex
  2. Managing Entities

Defining ownership

Last updated 4 days ago

Was this helpful?

Ownership is a core use case of Cortex, as many organizations seek to establish clear ownership of services, data, and other entities. Entities should be owned within Cortex to ensure appropriate action can be driven using Scorecards and Initiatives.

Ownership can be defined by accepting Cortex's automated recommendations for ownership, pulled in from third-party integrations, or defined manually in the Cortex UI. Ownership can also be inherited from an entity's .

By mapping every service and resource to its responsible , issues get resolved faster, accountability is clear, and decisions happen quickly.

Ownership drives which users will receive from Cortex, including alerts for on-call changes, when is needed on an assigned entity, when an entity is re-evaluated and its Scorecard changes, and more.

Where to view entity owners

When viewing an entity, the owners appear in the metadata bar at the top of the page:

Click into the team name to view the team's entity page, including a list of members and a list of entities owned by that team.

Define owners for entities

You can define owners based on:

  • A team

    • We recommend setting up teams as owners. If you link a group in your YAML file from a different platform (such as Okta), the members of the team will be automatically updated in Cortex if anyone leaves your organization and is removed from your integrated identity provider.

  • A user email address

Owners can be defined:

  • By accepting Cortex's automated recommendations for owners, based on repository activity

  • Automatically if Cortex detects that an entity is owned by a team that does not yet exist in Cortex

    • If an entity's YAML references a team, but that team doesn't have a corresponding entry within Cortex, Cortex will automatically create a team. The team will include a label that says Automatically created by Cortex.

  • Directly in the Cortex UI

Cortex automated recommendations for ownership

This feature is available in private beta. Please reach out to your Cortex Customer Success Manager for access. Note the following considerations:

  • This feature is supported for entities associated with a repository in GitHub, GitLab, or Azure DevOps. It is not supported for monorepos.

  • You must have at least one team in Cortex in order for Cortex to provide recommendations.

  • To accept or reject the recommended owner, the user must have the Edit entities permission.

Cortex analyzes a repository and automatically recommends a team owner for entities that do not have an owner.

Review ownership recommendations in bulk

To review and assign ownership across all unowned entities:

  1. In the main nav of Cortex, click Tools > Ownership.

    • A list of recommendations for ownership is displayed.

  2. Review and accept the recommended owners.

    • To apply all recommended owners: Ensure the checkboxes for all entities are selected, then at the top of the list, click Accept recommendations.

    • To apply selected owners: On the left side of the list, check the box next to the entities whose recommended owners you want to accept. When you are finished selecting, click Accept recommendations at the top of the list.

Review ownership recommendations per entity

Define owners in the Cortex UI

  1. Search for and select the entity whose ownership you want to edit.

  2. In the upper right corner of the entity's page, click Configure entity.

  3. Click the Owners tab, then click +Add next to Teams or Users.

    • Add team:

      • Select a team from the dropdown menu, then click Add.

    • Add user:

      • Select a user from the dropdown menu, then click Add.

      • You can also add a user who is not listed in Cortex. To do this, enter an email address into the Email address field, then click Add.

Define owners in the entity descriptor

The x-cortex-owners field allows you to define a list of owners of type email or group.

x-cortex-owners:
  # Groups can be pulled from various integrations
  - type: group
    name: my-team
    provider: CORTEX
    description: This is a description for this owner # optional
  - type: email
    email: user@example.com
    description: This is a description for this owner # optional

Cortex recognizes groups from the following integrations:

The value of provider is the name of the integration that the group is coming from. The available list is:

  • ACTIVE_DIRECTORY

  • AZURE_DEVOPS

  • BAMBOO_HR

  • CORTEX: Use when referring to a team defined in Cortex; these teams do not map to identities from a connected integration.

  • GITHUB

  • GITLAB

  • GOOGLE

  • OKTA

  • OPSGENIE

  • SERVICE_NOW

  • WORKDAY

name is a case-sensitive field that refers to the following:

  • if your provider is CORTEX, name corresponds to the x-cortex-tag for the Cortex team you want to identify as an owner

  • otherwise, name corresponds to the upstream identifier of your owner from your integration

Automatic discovery for AWS

You can pull in all resources from AWS, and Cortex syncs those owners automatically based on their tags in AWS, allowing you to easily keep the resource owners up to date.

Cortex syncs ownership from AWS every day at 6 am UTC.

Viewing entity ownership

View your owned entities

Child team visibility

To see a list of entities you own directly and entities that are owned by your team's child teams:

    1. The list defaults to displaying the "Mine" tab, showing only the entities you own.

  1. At the top of the list, click Display.

  2. Enable the toggle next to Include child teams.

  3. Click Done.

View a team's owned entities

You can filter the entity list by owner:

  1. In the upper right corner, click Filter.

View entities owned by all teams within a hierachy

Teams can exist within hierarchies. You can view a list of all entities that are owned by the parent team and all children teams in the hierarchy:

  1. Navigate to the parent team's page in Cortex.

  2. Click the Entities tab.

  3. Click Display, then enable the toggle next to Inherited Children.

  4. Click Done.

The list will now display all entities owned by the parent and its children teams. Note that this setting does not persist when you navigate away from the page.

Ownership settings in Cortex

You can who will be defined as owners for your entities.

By pulling information from third-party integrations in the

Ownership can also be inherited via .

The ability to must be enabled.

If an entity does not have an owner and Cortex has recommendations for who the owner should be, it will be flagged in the ownership tool under Tools > Ownership, in the "Owners" section of an entity details page overview, in the "Owners" sidebar link on an entity details page, and it will appear during the import process when .

Users can edit ownership on this page only if they have edit access for all entities. If a user only has edit access for some entities, they can accept ownership recommendations from an entity's details page,

Users can accept ownership recommendations for an entity if they have edit access for that specific entity, and if UI editing is enabled for that entity type under .

On an next to the "Owners" field, click Recommendations.

Review the suggested owners. To accept a recommendation, check the box next to the recommended owner then click Add owners.

In Cortex, navigate to .

Cortex can automatically discover ownership for your AWS resources using their owner tag. To enable this, make sure that your AWS resources have an owner tag matching the x-cortex-tag of the corresponding Cortex team and enable the Sync ownership from AWS toggle in .

To see a list of entities you own directly, navigate to then click the Mine tab:

Navigate to .

Under , click the All tab.

In the left side of the filter modal, click Teams. Select teams from the dropdown, then click Apply at the bottom.

Read more about hierarchies in .

Under , there are several settings relating to teams. Read more about these in the .

adding entities
Settings > GitOps
Catalogs > All entities
Azure Active Directory
Azure DevOps
BambooHR
GitHub
GitLab
Google
Okta
Opsgenie
ServiceNow
Workday
Settings > AWS
Catalogs > All entities
Catalogs > All entities
Setting up a team hierachy
Settings > Entities
Teams documentation
as described below under "Review ownership recommendations per entity."
teams
notifications
verification
entity details page
Catalogs > All entities
entity descriptor YAML
edit entities in the UI
fallback or append configuration
fallback or append configuration
Entity owners appear at the top of an entity page.
In the Owners tab, click +Add.
While viewing owned entities, click Display then add inherited children to the view.
The ownership tool lists entities and recommended owners.
Click "Display" then enable "Include child teams".
create or import the teams and users