giantswarm · QuentinBisson · Dec 12, 2024 · Dec 12, 2024 · Dec 12, 2024 · Dec 12, 2024
@@ -6,7 +6,7 @@ menu:
   principal:
     parent: overview
     identifier: overview-observability
-last_review_date: 2024-06-06
+last_review_date: 2024-12-11
 owner:
   - https://github.com/orgs/giantswarm/teams/sig-product
 ---
@@ -23,6 +23,8 @@ Observability is a fundamental aspect of modern cloud-native environments, provi
 
 - **Alerting**: To not just look at dashboards all day it's crucial to be able to get notified about significant events or issues that require immediate attention. By making it easy to set up and configure alerting rules across apps and environments, our observability platform's alerting helps your teams avoid wasting time on repetitive tasks, thereby enhancing their efficiency and allowing them to focus on what matters.
 
+- **Multi-Tenancy**: To isolate your observability data between teams or internal organizations, Giant Swarm provides you with multi-tenant storage of and access to your observability data.
+
 One of the key benefits using Giant Swarm is that we provide a set of reliable and highly integrated observability tools that our own teams already use on a daily basis and will help you have a comprehensive view of your applications and infrastructure.
 
 ## Cloud-native technologies

@@ -7,7 +7,7 @@ menu:
     identifier: tutorials-observability-data-exploration-accessing-grafana
     parent: tutorials-observability-data-exploration
 weight: 40
-last_review_date: 2024-07-17
+last_review_date: 2024-12-12
 user_questions:
   - How to access Grafana?
   - How to access metrics from my clusters?
@@ -51,6 +51,8 @@ There is one identity provider configured for Giant Swarm staff and one for you
 
 After selecting the right identity provider, you may run through an authentication workflow. However, if you are already authenticated within the current browser, this will be skipped and you should see the Home dashboard as a result.
 
+When you log in, you will be logged into the `Shared Org`, which contains a curated set of provided dashboards that are managed and accessible to everyone. If you want to learn more about organizations and multi-tenancy, we can only advise you to read the related [documentation]{{< relref "/tutorials/observability/multi-tenancy" >}}).
+
 ## Limitations
 
 Grafana access is currently not available in shared installations, where several customer's observability data would be available from the same Grafana instance.
@@ -0,0 +1,15 @@
+---
+title: Multi-tenancy
+description: Guides explaining how to configure multi-tenancy in the Observability Platform.
+weight: 20
+menu:
+  principal:
+    parent: tutorials-observability
+    identifier: tutorials-observability-multitenancy
+last_review_date: 2024-12-12
+owner:
+  - https://github.com/orgs/giantswarm/teams/team-atlas
+user_questions:
+  - How to isolate data into the observability platform?
+  - How to create grafana organizations?
+---
@@ -0,0 +1,45 @@
+---
+linkTitle: Creating a Grafana organization
+title: Creating a Grafana organization
+description: Guide explaining how to manage Grafana organizations in the Observability Platform.
+menu:
+  principal:
+    identifier: tutorials-observability-multitenancy-create-grafana-organization
+    parent: tutorials-observability-multitenancy
+weight: 40
+last_review_date: 2024-12-12
+user_questions:
+  - How to create a grafana organization?
+  - How to access multi-tenant observability data?
+owner:
+  - https://github.com/orgs/giantswarm/teams/team-atlas
+---
+
+When you first access [your installations `Grafana`]({{< relref "/tutorials/observability/data-exploration/accessing-grafana" >}}), you will be accessing an organization named _Shared Org_, which gives you access to a set of curated dashboards. However, if you want to provide multi-tenancy of your observability data (isolation between tenants), the observability platform allows you to create your own organizations in self-service.
+
+## Creating your own organization
+
+To create your own `Grafana` organization, you can create a [`GrafanaOrganization`](https://raw.githubusercontent.com/giantswarm/observability-operator/refs/heads/main/config/crd/observability.giantswarm.io_grafanaorganizations.yaml) custom resource in the management cluster containing the `Grafana` organization specification.
+
+For example:
+
+```yaml
+apiVersion: observability.giantswarm.io/v1alpha1
+kind: GrafanaOrganization
+metadata:
+  name: giantswarm
+spec:
+  displayName: Giant Swarm
+  rbac:
+    admins:
+    - giantswarm-admins
+    editors:
+    - giantswarm-editors
+    viewers:
+    - giantswarm-viewers
+  tenants:
+  - giantswarm
+```
+
+Our operators will create this `Grafana` organization named _Giant Swarm_. It will be equipped with a basic set of data sources for Loki, Mimir and Alertmanager, giving you access to the `giantswarm` tenant.
+The Role Base Access Control (RBAC) section defines how to map your groups from your identity provider to `Grafana` admin roles (`Admin`, `Editor`, `Viewer`). Note that only the `admins` field is mandatory in this section.