Roles Section

Role

Description

access

A user with an access role can only see roles in the sidebar menu. To view the roles table a user has to have minimum roles.view role.

roles.create

A user with roles.create role can create roles. This role alone is not enough, to see the create role button a user needs to have minimum roles.view role.

roles.delete

A user with roles.delete role can delete roles. This role alone is not enough, to see the delete role button a user needs to have minimum roles.view role.

roles.view

A user with roles.view role can view roles table and role overview.

roles.edit

A user with roles.edit can edit, manage members, set as default, and remove from default a role. This role alone is not enough, to perform the edit functionality a user needs to have minimum roles.view role.

roles.attributes.view

A user with roles.attributes.view can view the roles attributes,

roles.attributes.manage

A user with roles.attributes.manage can edit and delete the role attributes. To manage role attributes a user needs to have minimum roles.attributes.view.

Roles Admin

A user with Roles Admin role includes all the above-mentioned roles. This role giveRolesccess to the Roles section.

Groups Section

Role

Description

access

A user with an access role can only see groups in the sidebar menu. To view, the groups table a user has to have minimum groups.view role.

groups.create

A user with groups.create role can create groups. This role alone is not enough, to see the create group button a user needs to have minimum groups.view role.

groups.delete

A user with groups.delete role can delete groups. This role alone is not enough, to see the delete group button a user needs to have minimum groups.view role.

groups.view

A user with groups.view role can view groups table and group overview.

groups.edit

A user with groups.edit can edit a group. This role alone is not enough, to perform the edit functionality a user needs to have minimum groups.view role.

groups.default_groups.view

A user with groups.default_groups.view can view the default groups.

groups.default_groups.manage

A user with groups.default_groups.manage can set and remove a group as default. To manage the default group a user needs to have minimum groups.default_groups.view.

groups.roles.view

A user with groups.roles.view can view group role mappings.

groups.roles.manage

A user with groups.roles.manage can add and remove group role mappings. To manage group role mappings a user needs to have minimum groups.roles.view.

groups.attributes.view

A user with groups.attributes.view can view the group’s attributes.

groups.attributes.manage

A user with groups.attributes.manage can edit and delete the group attributes. To manage group attributes a user needs to have minimum groups.attributes.view.

Groups Admin

A user with Groups Admin role includes all above-mentioned roles. This role gives full access to the Groups section.

Users Section

Role

Description

access

A user with an access role can only see users in the sidebar menu. In order, the o view the users table a user has to have minimum users.view role.

users.create

A user with users.create role can create users. This role alone is not enough, to see the create user button a user needs to have minimum users.view role.

users.delete

A user with users.delete role can delete users. This role alone is not enough, to see the delete user button a user needs to have minimum users.view role.

users.view

A user with users.view role can view users table and user overview.

users.edit

A user with user.edit can edit a user. This role alone is not enough, to perform the edit functionality a user needs to have minimum users.view role.

users.credentials.view

A user with users.credentials.view can view the users credentials.

users.credentials.manage

A user with users.credentials.manage can manage credentials. To manage credentials a user needs to have minimum user.credentials. views.

users.roles.view

A user with users.roles.view can view user role mappings.

users.roles.manage

A user with users.roles.manage can add and remove user role mappings. To manage role mappings a user needs to have minimum users.roles.view.

users.groups.view

A user with users.groups.view can view the user group mappings.

users.groups.manage

A user with users.groups.manage can add and remove user group mappings. To manage group mappings a user need to have minimum users.groups.view.

users.consents.view

A user with users.consents.view can view the user consents.

users.sessions.view

A user with users.sessions.view can view the user sessions.

users.attributes.view

A user with users.attributes.view can view the users attributes.

users.attributes.manage

A user with users.attributes.manage can edit and delete the user attributes. To manage attributes a user needs to have minimum users.attributes.view.

Users Admin

A user with Users Admin role includes all the above-mentioned roles. This role gives full access to the Users section.

Policies Section

Role

Description

access

A user with an access role can only see policies in the sidebar menu. To view the policies table a user has to have minimum policies.view role.

policies.view

A user with policies.view role can view policies.

policies.edit

A user with policies.edit can edit policies. This role alone is not enough, to perform the edit functionality a user needs to have minimum policies.view role.

Policies Admin

A user with Policies Admin role includes all above-mentioned roles. This role gives full access to the Policies section.

Login Settings Section

Role

Description

access

A user with an access role can only see login settings in the sidebar menu. To view the login settings table, a user has to have minimum policies.view role.

login settings.view

A user with login settings.view role can view login settings.

login settings.edit

A user with login settings.edit can edit login settings. This role alone is not enough, to perform the edit functionality a user needs to have minimum login settings.view role.

Login Settings Admin

A user with Login Settings Admin role includes all the above-mentioned roles. This role gives full access to Login Settings section.

Catalog Browse Section

Role

Description

access

A user with an access role can only see catalog browse in the sidebar menu. To view catalog items, a user has to have a minimum catalog.view role.

catalog.view

A user with catalog.view role can view catalog items.

catalog.security.view

A user with catalog.security.view can view catalog security Reports.

catalog.deployments.view

A user with catalog.deployments.view can view catalog deployments.

catalog.deploy

A user with catalog.deploy can deploy catalog items. This role alone is not enough, to see the deploy button a user needs to have a minimum catalog.view role.

catalog.deployments.manage

A user with catalog.deployments.manage can Upgrade, Rollback and Delete deployments. This role alone is not enough, to manage the deployments a user needs to have a minimum catalog.deployments.view role.

Catalog Browse Admin

A user with Catalog Browse Adminthe role includes all above-mentioned roles. This role gives full access to the Catalog Browse section.

Catalog Publish Section

Role

Description

access

A user with an access role can see the catalog publish in the sidebar menu.

catalog.publish

A user with catalog.publish role can publish a catalog item.

Catalog Publish Admin

A user with Catalog Publish Admin role iththeludes all above-mentioned roles. This role gives full access to the Catalog Publish section.

Health Section

Role

Description

access

A user with an access role can only see health in the sidebar menu.

health.view

A user with health.view role can view the health of platform services.

Health Viewer

A user with Health Viewer role includes all the above-mentioned roles. This role gives full access to the Health section.

Directors Section

Role

Description

access

A user with an access role can only see directors in the sidebar menu. To view directors a user has to have minimum directors.view role.

directors.create

A user with directors.create role can create directors. This role alone is not enough, to see the create director button a user needs to have minimum directors.view role.

directors.delete

A user with directors.delete role can delete directors.

directors.view

A user with directors.view role can view directors and director overview.

directors.edit

A user with directors.edit can edit directors. This role alone is not enough, to perform the edit functionality a user needs to have minimum directors.view role.

directors.tasks.view

A user with directors.tasks.view can view the director’s tasks.

directors.events.view

A user with directors.events.view can view director events.

Directors Admin

A user with Directors Admin role includes all above-mentioned roles. This role gives full access to the Directors section.

Clusters Section

Role

Description

access

A user with an access role can only see clusters in the sidebar menu. To view clusters, a user has to have minimum clusters.view role.

clusters.create

A user with clusters.create role can create clusters. This role alone is not enough, to see the create cluster button a user needs to have minimum clusters.view role.

clusters.delete

A user with clusters.delete role can delete clusters.

clusters.view

A user with clusters.view role can view clusters and cluster overview.

clusters.edit

A user with clusters.edit can edit clusters. This role alone is not enough, to see the edit cluster button a user needs to have minimum clusters.view role.

clusters.resize

A user with clusters.resize can resize clusters. This role alone is not enough, to see the resize cluster button a user needs to have minimum clusters.view role.

clusters.events.view

A user with clusters.events.view can view cluster events.

Clusters Admin

A user with Clusters Admthe in role includes all above-mentioned roles. This role gives full access to the clusters section.

Apps Section

Role

Description

aaccess

A user with accesan s role can only see apps in the sidebar menu.

apps.create

A user with apps.create role can deploy apps from the apps section. This role alone is not enough, to see the create button a user needs to have minimum Apps Admin role.

apps.components.access

A user with apps.components.access role can view app components.

apps.events.access

A user with apps.events.access role can view app events.

apps.logs.access

A user with apps.logs.access role can view app logs.

Apps Admin

A user needs Apps Admin role to be able to access the functionality of the module. The role gives full access to the module.

Spaces Section

Role

Description

access

A user with access role can only see spaces in the sidebar menu.

Spaces Admin

A user needs Spaces Admin role to be able to access the functionality of the module. The role gives full access to the module.

Dashboards Section

Role

Description

access

A user with access role can only see dashboards in the sidebar menu.

dashboards.create

A user with dashboards.create role can create dashboards.This role alone is not enough, to see the create button a user needs to have minimum Dashboards Admin role.

Dashboards Admin

A user needs Dashboards Admin role to be able to access the functionality of the module. The role gives full access to the module.

Others

Role

Description

Home Admin

A user with Home Admin role can view the home section. The role is a default role.

Account Admin

A user with an Account Admin role can view the account section. The role is a default role.

Super Admin

The role gives full access to the whole Portal UI.