User Management Permissions

Granular Permissions for RBAC roles

RBAC roles defined in Facets have a list of associated permissions that grant the user privileges to perform certain actions. You can find a comprehensive list of permissions listed below.

PermissionDescription
ACCOUNTS_WRITEGrants permission to create and edit accounts
ACCOUNTS_DELETEGrants permission to delete accounts.
ALERTS_CONFIGUREGrants permission to enable/disable alerts.
ARTIFACTORY_WRITEGrants permission to create and edit artifactories.
ARTIFACTORY_DELETEGrants permission to delete artifactories.
ARTIFACTS_WRITEGrants Write permissions to create, push, register, and reclassify artifacts.
ARTIFACTS_DELETEGrants permission to delete artifacts.
ARTIFACT_ROUTING_RULE_WRITEGrants permission to create and edit CI Rules.
ARTIFACT_ROUTING_RULE_DELETEGrants permission to delete CI Rules.
APPLICATION_ROLLING_RESTARTGrants permission to initiate a rolling restart for an application.
ARTIFACT_CI_WRITEGrants permission to add and update CI Integration.
ARTIFACT_CI_DELETEGrants permission to delete CI Integration.
BLUEPRINT_TEMPLATE_WRITEGrants permission to create and edit Blueprint templates.
BLUEPRINT_TEMPLATE_DELETEGrants permission to delete Blueprint templates.
CHANNEL_WRITEGrants permission to create and edit channels.
CHANNEL_DELETEGrants permission to delete channels.
CUSTOM_ROLE_WRITEGrants permission to create and update custom roles.
CUSTOM_ROLE_DELETEGrants permission to delete custom roles.
ENVIRONMENT_CONFIGUREGrants permission to configure the environment. This includes overriding, adding/updating provided resources, creating, updating secrets and variables, adding/updating/deleting release schedules, and adding/deleting availability schedules.
ENVIRONMENT_WRITEGrants permission to create and edit the environment. This includes copying environment configurations and creating and updating environments.
ENVIRONMENT_DELETEGrants permission to delete environments.
ENVIRONMENT_DESTROYGrants permission to destroy environments.
ENVIRONMENT_LAUNCHGrants permission to launch environments.
K8S_READERGrants permission to read Kubernetes and view the cluster and applications pod logs in the cluster.
K8S_DEBUGGERGrants permission to debug Kubernetes, access the application pod, and restart the pods.
OAUTH_INTEGRATION_WRITEGrants permission to add and edit OAuth integration.
OAUTH_INTEGRATION_DELETEGrants permission to delete OAuth integration.
PIPELINE_WRITEGrants permission to edit Delivery Pipelines.
PROMOTIONAL_WORKFLOW_WRITEGrants permission to add and update promotional workflow.
PROMOTIONAL_WORKFLOW_DELETEGrants permission to delete promotional workflow.
RESOURCE_GROUP_WRITEGrants permission to create and edit resource groups.
RESOURCE_GROUP_DELETEGrants permission to delete resource groups.
RELEASE_FULLGrants permission to perform a full release.
RELEASE_PLANGrants permission to create a plan for both the Full and Selective release.
RELEASE_APPLY_PLANGrants permission to apply planned releases both Full and Selective release.
RELEASE_SELECTIVEGrants permission to perform a selective release.
RELEASE_CUSTOMGrants permission to perform a custom release.
RELEASE_SCALE_UPGrants permission to perform Environment Scale-up.
RELEASE_SCALE_DOWNGrants permission to perform environment Scale-down.
RELEASE_FULL_ALLOW_DESTROYGrants permission to allow the destruction of protected resources during the full release.
RELEASE_SELECTIVE_ALLOW_DESTROYGrants permission to allow the destruction of protected resources during the selective release.
RELEASE_CUSTOM_ALLOW_DESTROYGrants permission to allow the destruction of protected resources during the custom release.
STACK_CONFIGUREGrants permission to toggle release for a Blueprint.
STACK_WRITEGrants permission to add/edit Blueprints, and add/edit resources to Blueprint Designer.
STACK_DELETEGrants permission to delete Blueprints.
SETTINGS_WRITEGrants permission to edit general settings.
SUBSCRIPTION_WRITEGrants permission to create and edit subscriptions.
SUBSCRIPTION_DELETEGrants permission to delete subscriptions.
TEMPLATE_WRITEGrants permission to create and edit templates.
TEMPLATE_DELETEGrants permission to delete template inputs.
TRASH_RESTOREGrants permission to restore items from the trash.
TRASH_DELETEGrants permission to delete items from the trash.
USER_WRITEGrants permission to create and edit users.
USER_DELETEGrants permission to delete a user.
USER_GROUP_WRITEGrants permission to create or update user groups.
USER_GROUP_DELETEGrants permission to delete user groups.
VIEW_RESOURCE_SECRETSGrants permission to view secrets of resources.