Anypoint Business Groups can be a difficult concept to explain. Although it might seem that a Business Group is just an org within another org, it's more complex than that. In my experience working with customers in the past years, this is normally because Business Groups bring together quite a few different types of objects and entities that are specific to MuleSoft, and we don't understand each concept individually.
So, in this post, we will focus on explaining the different concepts required to fully understand what a Business Group is and how it works.
Our Anypoint Org
Let's start with our Anypoint Org. What exactly do we get when we get a MuleSoft license?
Short answer - An Anypoint Org.
Long answer - Our Anypoint Org is a tenant in the MuleSoft Cloud, that is, an instance of the Anypoint Platform hosted in the MuleSoft Cloud infrastructure (AWS). The MuleSoft infrastructure is shared by all MuleSoft customers, but our tenant (org) is fully isolated from the other customers' tenants, and the availability of resources is guaranteed (by contract).
Anypoint Platform Architecture
The Anypoint Platform consists of two planes:
- Control Plane - Collection of managed services hosted in the MuleSoft Cloud, e.g. Runtime Manager, Design Center, Exchange…
- Runtime Plane - Where the Mule runtimes are hosted and your applications run. The underlying infrastructure can be hosted in the MuleSoft Cloud (CloudHub) or in your own infrastructure (Standalone, Runtime Fabric).
Organization
Referred to as Org, Master Org or Root. It's the instance of your Anypoint Platform. The Anypoint Org is the highest-level container in Anypoint Platform. It represents your company or enterprise. Within this Org, you define users, teams, and business groups. Every Anypoint account belongs to an Org.
Resources
These are the objects we can create and manage in Anypoint Platform. Organizing resources properly is key to collaboration and security. These objects can be secured and shared. Depending on the context, they can be:
- Applications
- vCores
- Exchange Assets - API Specs, API Fragments, Connectors, Templates
- Private Spaces, Runtime Fabric Instances, Standalone Servers/Clusters/Server Groups
- API Policies, Proxies, API Contracts, API Clients
Users
Anypoint Platform security principals (accounts) with access to an organization or business group. A user is anyone with an Anypoint account. Users are granted permissions that define what they can access and modify. Some users manage infrastructure, while others build integrations.
Permissions
Collection of entitlements defining what a user/team can and cannot do with the resources in the Anypoint Org or Business Groups. For example, some users can deploy applications, while others can only view logs. Permissions ensure that teams operate efficiently and securely.
Teams
Teams are groups of users working together on projects. Instead of assigning permissions to individuals, organizations assign permissions to teams. This makes it easier to manage access as teams grow or change. Unlike the deprecated Roles, Teams allow us to define these sets of permissions across Business Groups. Teams provide a simple way to give a common set of users belonging to a group (say, developers) access to a set of assets.
Business Group
A Business Group is a subdivision within an Anypoint Org. Think of Business Groups as resource groups that reside within the top-level organization. They can be seen as sub-organizations: they are like sub-instances of an Anypoint Org, but all hosted together within the same tenant. Business Groups can represent departments, regions, or business units. They are organized in a tree-like structure.
The Anypoint Org provides the mechanisms for sharing resources and controlling resource access/visibility across Business Groups.
Business Groups help large organizations manage their resources, teams, and permissions independently. Each Business Group has its own environments and governance settings.
Environments
Environments are isolated groups of resources within a business group. They are normally associated with a phase of the application lifecycle (Dev, UAT, Prod). Each environment has its own applications, APIs, and permissions. Environments provide a logical segmentation of resources within a Business Group.
They are not coupled to a physical location or network segment, e.g. an environment can contain applications running in CloudHub and Runtime Fabric.