User Management Permissions
Granular Permissions for RBAC roles
RBAC roles defined in Facets have a list of associated permissions that grant the user privileges to perform certain actions. You can find a comprehensive list of permissions listed below.
| Permission | Description |
|---|---|
| ACCOUNTS_WRITE | Grants permission to create and edit accounts |
| ACCOUNTS_DELETE | Grants permission to delete accounts. |
| ALERTS_CONFIGURE | Grants permission to enable/disable alerts. |
| ARTIFACTORY_WRITE | Grants permission to create and edit artifactories. |
| ARTIFACTORY_DELETE | Grants permission to delete artifactories. |
| ARTIFACTS_WRITE | Grants Write permissions to create, push, register, and reclassify artifacts. |
| ARTIFACTS_DELETE | Grants permission to delete artifacts. |
| ARTIFACT_ROUTING_RULE_WRITE | Grants permission to create and edit CI Rules. |
| ARTIFACT_ROUTING_RULE_DELETE | Grants permission to delete CI Rules. |
| APPLICATION_ROLLING_RESTART | Grants permission to initiate a rolling restart for an application. |
| ARTIFACT_CI_WRITE | Grants permission to add and update CI Integration. |
| ARTIFACT_CI_DELETE | Grants permission to delete CI Integration. |
| BLUEPRINT_TEMPLATE_WRITE | Grants permission to create and edit Blueprint templates. |
| BLUEPRINT_TEMPLATE_DELETE | Grants permission to delete Blueprint templates. |
| CHANNEL_WRITE | Grants permission to create and edit channels. |
| CHANNEL_DELETE | Grants permission to delete channels. |
| CUSTOM_ROLE_WRITE | Grants permission to create and update custom roles. |
| CUSTOM_ROLE_DELETE | Grants permission to delete custom roles. |
| ENVIRONMENT_CONFIGURE | Grants permission to configure the environment. This includes overriding, adding/updating provided resources, creating, updating secrets and variables, adding/updating/deleting release schedules, and adding/deleting availability schedules. |
| ENVIRONMENT_WRITE | Grants permission to create and edit the environment. This includes copying environment configurations and creating and updating environments. |
| ENVIRONMENT_DELETE | Grants permission to delete environments. |
| ENVIRONMENT_DESTROY | Grants permission to destroy environments. |
| ENVIRONMENT_LAUNCH | Grants permission to launch environments. |
| K8S_CREDENTIALS | Grants permission to access the Kubernetes credentials. |
| K8S_READER | Grants permission to read Kubernetes and view the cluster and applications pod logs in the cluster. |
| K8S_DEBUGGER | Grants permission to debug Kubernetes, access the application pod, and restart the pods. |
| OAUTH_INTEGRATION_WRITE | Grants permission to add and edit OAuth integration. |
| OAUTH_INTEGRATION_DELETE | Grants permission to delete OAuth integration. |
| PIPELINE_WRITE | Grants permission to edit Delivery Pipelines. |
| PROMOTIONAL_WORKFLOW_WRITE | Grants permission to add and update promotional workflow. |
| PROMOTIONAL_WORKFLOW_DELETE | Grants permission to delete promotional workflow. |
| RESOURCE_GROUP_WRITE | Grants permission to create and edit resource groups. |
| RESOURCE_GROUP_DELETE | Grants permission to delete resource groups. |
| RESOURCE_OVERRIDE | Grants permission to override the resources |
| RELEASE_FULL | Grants permission to perform a full release. |
| RELEASE_PAUSE | Grants permission to pause/unpause release |
| RELEASE_PLAN | Grants permission to create a plan for both the Full and Selective release. |
| RELEASE_APPLY_PLAN | Grants permission to apply planned releases both Full and Selective release. |
| RELEASE_SELECTIVE | Grants permission to perform a selective release. |
| RELEASE_CUSTOM | Grants permission to perform a custom release. |
| RELEASE_SCALE_UP | Grants permission to perform Environment Scale-up. |
| RELEASE_SCALE_DOWN | Grants permission to perform environment Scale-down. |
| RELEASE_FULL_ALLOW_DESTROY | Grants permission to allow the destruction of protected resources during the full release. |
| RELEASE_SELECTIVE_ALLOW_DESTROY | Grants permission to allow the destruction of protected resources during the selective release. |
| RELEASE_CUSTOM_ALLOW_DESTROY | Grants permission to allow the destruction of protected resources during the custom release. |
| STACK_CONFIGURE | Grants permission to toggle release for a Blueprint. |
| STACK_WRITE | Grants permission to add/edit Blueprints, and add/edit resources to Blueprint Designer. |
| STACK_DELETE | Grants permission to delete Blueprints. |
| SETTINGS_WRITE | Grants permission to edit general settings. |
| SUBSCRIPTION_WRITE | Grants permission to create and edit subscriptions. |
| SUBSCRIPTION_DELETE | Grants permission to delete subscriptions. |
| TEMPLATE_WRITE | Grants permission to create and edit templates. |
| TEMPLATE_DELETE | Grants permission to delete template inputs. |
| TRASH_RESTORE | Grants permission to restore items from the trash. |
| TRASH_DELETE | Grants permission to delete items from the trash. |
| USER_WRITE | Grants permission to create and edit users. |
| USER_DELETE | Grants permission to delete a user. |
| USER_GROUP_WRITE | Grants permission to create or update user groups. |
| USER_GROUP_DELETE | Grants permission to delete user groups. |
| VIEW_RESOURCE_SECRETS | Grants permission to view secrets of resources. |
| VIEW_SECRETS | Grants permission to view environment level secrets |
Updated 5 months ago