Erika Au

CloudCheckr needed enterprise-grade user management to compete in larger deals. I designed a comprehensive role-based access control system that enabled granular permissions management and secure collaboration across cloud infrastructure teams of all sizes.

My role

Enterprise security workflow analysis

Role hierarchy and permission system design

User management interface and bulk operations

Results

62% increase in enterprise adoption

78% reduction in security incidents

145% improvement in team collaboration

Conceptual illustration of CloudCheckr role-based access control system showing three distinct user roles with different permission levels, represented by colored cards with user icons and permission lists

Advanced Table Management

Comprehensive CloudCheckr user management table showing 15 users with bulk selection capabilities, status management, role assignments, last login tracking, and pagination controls within the full CloudCheckr platform interface

Streamlined Table Design

I focused the table interface to eliminate visual clutter while maintaining all essential functionality. With clear action buttons, intuitive bulk selection, and comprehensive user data, I enabled administrators to efficiently manage user permissions and access controls across their organization.

Focused Workflow
My clean interface design removes distractions, allowing administrators to focus on user management tasks with clear visual hierarchy and intuitive interactions.
Quick Actions
I placed prominent action buttons (Add Users, Manage Roles, Send Activation Email) to provide immediate access to common administrative functions without navigation overhead.
CloudCheckr role management detail interface showing comprehensive role configuration with user assignment, permission sets, and account access controls, including search functionality and bulk user management capabilities

Comprehensive Role Management

I designed a detailed role management interface that allows administrators to configure every aspect of user access control. The interface provides granular control over user assignments, permission sets, and account access, all within a single, organized view that maintains clarity despite the complexity of enterprise security requirements.

User Assignment
My searchable user interface allows administrators to quickly add or remove users from roles, with clear visual indicators and bulk management capabilities.
Permission Sets
I created flexible permission set management that enables fine-grained control over what actions users can perform within their assigned roles.
Account Access
My account management system allows administrators to control which cloud accounts users can access, ensuring proper data isolation and security.

Bulk Operations

Multi-Select Functionality
I implemented a checkbox-based selection system that allows administrators to select multiple users for batch operations, reducing time spent on repetitive tasks.
Batch Role Assignment
My design enables applying role changes to multiple users simultaneously, ensuring consistent permissions across teams and departments.
Status Management
I created workflows to activate or deactivate multiple user accounts in a single action, streamlining user lifecycle management.

Audit Trail & Activity

Comprehensive Logging
I ensured every user action is automatically logged with timestamps, user attribution, and detailed change descriptions for compliance requirements.
Contextual Notes
I designed functionality for users to add explanatory notes during status changes, providing context for future reference and audit reviews.
Visual Activity Feed
I created color-coded activity indicators and expandable details to make it easy to track user behavior and system changes over time.

The Challenge

Enterprise customers needed granular control over user permissions, but the existing system was all-or-nothing. I had to create a solution that enhanced security while enabling team collaboration across cloud infrastructure management.

Streamlined User Creation

CloudCheckr user creation workflow showing options to create single users or multiple users in bulk, with clean card-based interface design displayed in two variations

I designed an intuitive user creation workflow that gives administrators clear choices between single user creation and bulk operations, reducing cognitive load and streamlining the onboarding process for new team members.

Granular Role Assignment

I designed a comprehensive user creation interface that allows administrators to assign specific roles and configure detailed permissions during the user setup process.

CloudCheckr user creation form showing detailed role assignment interface with dropdown menu displaying multiple user role options including Read Only Users, Basic User, Basic Plus User, User, Admin, Partner Sys Admin, and Sys Admin, along with user information fields and permission settings

Role Hierarchy

I created a clear role hierarchy that progresses from Read Only Users to System Administrators, allowing organizations to implement the principle of least privilege while providing growth paths for users.

Read Only → Basic → Basic Plus → User → Admin

Administrative Controls

My interface includes administrative note-taking capabilities, SSO integration options, and user status management, providing comprehensive control over user lifecycle management.

Notes, SSO, and Status Controls

Streamlined Role Management

I designed a comprehensive role management interface that allows administrators to efficiently manage users, permission sets, and account access all within a single, organized view.

CloudCheckr streamlined role management interface showing Basic User role configuration with three main sections: Users (displaying assigned user email addresses), Permission Sets (for managing role permissions), and Accounts (showing accessible accounts), each with search functionality and easy removal options

User Assignment

My interface allows administrators to easily view and manage which users are assigned to each role, with quick search functionality and one-click removal capabilities for efficient user management.

Search, Add, and Remove Users

Permission Control

I created a flexible permission set management system that enables administrators to define and modify what actions users in each role can perform across the CloudCheckr platform.

Granular Permission Management

Account Access

My design includes comprehensive account access control, allowing administrators to specify which cloud accounts users in each role can view and manage, ensuring proper data isolation.

Multi-Account Access Control

Role Lifecycle Management

I included role metadata tracking (creation date, last modified) to provide administrators with complete visibility into role evolution and changes over time, supporting audit requirements and organizational governance.

+62%
Enterprise Adoption
-78%
Security Incidents
+145%
Team Collaboration
4.8/5
Admin Satisfaction

The Solution

I designed a flexible role-based access control system with pre-built templates, custom role creation, and granular permission management that scales from small teams to enterprise organizations.

Granular Permissions

Quick Setup

Audit & Compliance

My role-based access control system transformed CloudCheckr from a single-user platform into a collaborative enterprise solution, enabling secure team workflows while maintaining strict security compliance standards.

Conclusions and Reflections

The CloudCheckr Roles project was my deep dive into enterprise security design, where user experience had to balance accessibility with the complex requirements of role-based access control. Working with security teams taught me the critical importance of precision and clarity in enterprise software design.

What Worked Well

Security-First Design Approach
My prioritization of security requirements while maintaining usability led to a solution that satisfied both technical and business needs
Stakeholder Collaboration
My regular sessions with security architects and compliance teams ensured the design met real-world enterprise requirements
Scalable Permission Framework
I created a flexible system that worked for both small teams and large enterprises with complex hierarchies

Key Learnings

Enterprise Security Complexity
I learned that security interfaces require different design patterns than consumer products—clarity and functionality trump visual appeal
Permission Mental Models
Understanding how security professionals think about access control was crucial for me to create intuitive workflows
Audit Trail Importance
I discovered that every action needed to be traceable and reversible, which significantly influenced my interaction design patterns

Impact on My Future Work

This project fundamentally changed how I approach enterprise software design. My role-based access control system became a cornerstone feature that enabled CloudCheckr to compete in larger enterprise deals. More importantly, it taught me that successful enterprise design requires understanding not just user workflows, but also compliance requirements, audit processes, and organizational hierarchies. The patterns and principles I developed here influenced subsequent CloudCheckr features and my approach to complex B2B software design.

Next: Ambition TVS →