User Management Permissions
RBAC roles defined in Facets have a list of associated permissions that grant the user privileges to perform certain actions. This page provides a comprehensive overview of the permissions available within the system.You can find a comprehensive list of permissions listed below.
Common Permissions:
- Write: Grants permission to create and edit entities.
- Delete: Grants permission to delete entities.
List of Permissions:
The table below categorizes permissions by their respective areas, detailing the capabilities granted under each category.
- Category: Represents the functional area or entity within the system.
- Write: Indicates whether
writepermission is available within the category. - Delete: Indicates whether
deletepermission is available within the category. - Special Permissions: Lists any additional specific permissions that provide more granular control over actions within the category.
| Category | Write | Delete | Special Permissions |
|---|---|---|---|
| Accounts | Yes | Yes | - |
| Alerts | No | No | Configure: Grants permission to configure the alerts. |
| Application Rolling | No | No | Restart: Grants permission to initiate a rolling restart for an application. |
| Artifact CI | Yes | Yes | - |
| Artifacts | Yes | Yes | - |
| Artifactory | Yes | Yes | - |
| Audit Logs | No | No | View: Grants permission to view audit logs. |
| Blue-Green/Canary | No | No | Promote: Grants permission to promote preview application deployment. |
| Abort: Grants permission to abort preview application deployment. | |||
| Blueprint | Yes | Yes | Configure: Grants permission to configure the blueprint. |
| Blueprint Template | Yes | Yes | - |
| Channel | Yes | Yes | - |
| CI Rule | Yes | Yes | - |
| CI/CD | No | No | Configure: Grants permission to configure CI/CD. |
| CLI Artifact | No | No | Push: Grants permission to Push images to the inbuilt ECR repositories. |
| Cost Explorer | No | No | View Cost Explorer: Grants permission to cost explorer. |
| Environment | Yes | Yes | Configure: Grants permission to configure the Environment. |
| View Secrets: Grants permission to view environment secrets. | |||
| K8s | No | No | Reader: Grants permission to read Kubernetes. |
| Debugger: Grants permission to debug Kubernetes. | |||
| Custom: Grants permission to add your own Kubernetes roles. | |||
| Kubernetes Credentials: Grants permission to access kube credentials. | |||
| Maintenance Window | Yes | No | - |
| OAuth Integration | Yes | Yes | - |
| OPA | Yes | Yes | Execute: Grants permission to execute opa policies. |
| Pipeline | Yes | No | - |
| Project Type | Yes | Yes | - |
| Promotion Workflow | Yes | Yes | - |
| Release | No | No | Release Approve/Reject: Grants permission to approve or reject pending releases. |
| Full Release: Grants permission to perform full release. | |||
| Plan Release: Grants permission to create a plan for both the full and selective release. | |||
| Apply Release Plan: Grants permission to apply planned releases both full and selective. | |||
| Selective Release: Grants permission to perform selective release. | |||
| Custom Release: Grants permission to perform custom release. | |||
| Maintenance Release: Grants permission to perform maintenance release. | |||
| Scale Up: Grants permission to perform environment scale up. | |||
| Scale Down: Grants permission to perform environment scale down. | |||
| Allow Destroy for Full Release: Grants permission to allow destruction of protected resources during the full release. | |||
| Allow Destroy for Selective Release: Grants permission to allow destruction of protected resources during the selective release. | |||
| Allow Destroy for Custom Release: Grants permission to allow destruction of protected resources during the custom release. | |||
| Pause/Unpause Releases: Grants permission to pause/unpause release. | |||
| Release Stream | Yes | Yes | - |
| Resource | No | No | Override: Grants permission to override the resources. |
| Resource Group | Yes | Yes | Read: Grants permission to view resource group. |
| Resource Information | No | No | View Resource Secrets: Grants permission to view secrets of resources. |
| Role | Yes | Yes | Read: Grants permission to view roles. |
| Settings | Yes | No | - |
| Subscription | Yes | Yes | - |
| Template | Yes | Yes | - |
| Trash | No | Yes | Restore: Grants permission to restore items from trash. |
| User | Yes | Yes | Read: Grants permission to view users. |
| User Group | Yes | Yes | Read: Grants permission to view user groups. |
| VPN | No | No | VPN Connect: Grants permission to download vpn profile and connect to k8s using vpn. |
| Category | Write | Delete | Special Permissions |
|---|---|---|---|
| Accounts | Yes | Yes | - |
| Alerts | No | No | Configure: Grants permission to configure the alerts. |
| Application Rolling | No | No | Restart: Grants permission to initiate a rolling restart for an application. |
| Artifact CI | Yes | Yes | - |
| Artifacts | Yes | Yes | - |
| Artifactory | Yes | Yes | - |
| Audit Logs | No | No | View: Grants permission to view audit logs. |
| Blue-Green/Canary | No | No | Promote: Grants permission to promote preview application deployment. |
| Abort: Grants permission to abort preview application deployment. | |||
| Blueprint | Yes | Yes | Configure: Grants permission to configure the blueprint. |
| Blueprint Template | Yes | Yes | - |
| Channel | Yes | Yes | - |
| CI Rule | Yes | Yes | - |
| CI/CD | No | No | Configure: Grants permission to configure CI/CD. |
| CLI Artifact | No | No | Push: Grants permission to Push images to the inbuilt ECR repositories. |
| Cost Explorer | No | No | View Cost Explorer: Grants permission to cost explorer. |
| Environment | Yes | Yes | Configure: Grants permission to configure the Environment. |
| View Secrets: Grants permission to view environment secrets. | |||
| K8s | No | No | Reader: Grants permission to read Kubernetes. |
| Debugger: Grants permission to debug Kubernetes. | |||
| Custom: Grants permission to add your own Kubernetes roles. | |||
| Kubernetes Credentials: Grants permission to access kube credentials. | |||
| Maintenance Window | Yes | No | - |
| OAuth Integration | Yes | Yes | - |
| OPA | Yes | Yes | Execute: Grants permission to execute opa policies. |
| Pipeline | Yes | No | - |
| Project Type | Yes | Yes | - |
| Promotion Workflow | Yes | Yes | - |
| Release | No | No | Release Approve/Reject: Grants permission to approve or reject pending releases. |
| Full Release: Grants permission to perform full release. | |||
| Plan Release: Grants permission to create a plan for both the full and selective release. | |||
| Apply Release Plan: Grants permission to apply planned releases both full and selective. | |||
| Selective Release: Grants permission to perform selective release. | |||
| Custom Release: Grants permission to perform custom release. | |||
| Maintenance Release: Grants permission to perform maintenance release. | |||
| Scale Up: Grants permission to perform environment scale up. | |||
| Scale Down: Grants permission to perform environment scale down. | |||
| Allow Destroy for Full Release: Grants permission to allow destruction of protected resources during the full release. | |||
| Allow Destroy for Selective Release: Grants permission to allow destruction of protected resources during the selective release. | |||
| Allow Destroy for Custom Release: Grants permission to allow destruction of protected resources during the custom release. | |||
| Pause/Unpause Releases: Grants permission to pause/unpause release. | |||
| Release Stream | Yes | Yes | - |
| Resource | No | No | Override: Grants permission to override the resources. |
| Resource Group | Yes | Yes | Read: Grants permission to view resource group. |
| Resource Information | No | No | View Resource Secrets: Grants permission to view secrets of resources. |
| Role | Yes | Yes | Read: Grants permission to view roles. |
| Settings | Yes | No | - |
| Subscription | Yes | Yes | - |
| Template | Yes | Yes | - |
| Trash | No | Yes | Restore: Grants permission to restore items from trash. |
| User | Yes | Yes | Read: Grants permission to view users. |
| User Group | Yes | Yes | Read: Grants permission to view user groups. |
| VPN | No | No | VPN Connect: Grants permission to download vpn profile and connect to k8s using vpn. |
- Special Permissions: Lists any additional specific permissions that provide more granular control over actions within the category.
| Category | Write | Delete | Special Permissions |
|---|---|---|---|
| Accounts | Yes | Yes | - |
| Alerts | No | No | Configure: Grants permission to configure the alerts. |
| Application Rolling | No | No | Restart: Grants permission to initiate a rolling restart for an application. |
| Artifact CI | Yes | Yes | - |
| Artifacts | Yes | Yes | - |
| Artifactory | Yes | Yes | - |
| Audit Logs | No | No | View: Grants permission to view audit logs. |
| Blue-Green/Canary | No | No | Promote: Grants permission to promote preview application deployment. |
| Abort: Grants permission to abort preview application deployment. | |||
| Blueprint | Yes | Yes | Configure: Grants permission to configure the blueprint. |
| Blueprint Template | Yes | Yes | - |
| Channel | Yes | Yes | - |
| CI Rule | Yes | Yes | - |
| CI/CD | No | No | Configure: Grants permission to configure CI/CD. |
| CLI Artifact | No | No | Push: Grants permission to Push images to the inbuilt ECR repositories. |
| Cost Explorer | No | No | View Cost Explorer: Grants permission to cost explorer. |
| Environment | Yes | Yes | Configure: Grants permission to configure the Environment. |
| View Secrets: Grants permission to view environment secrets. | |||
| K8s | No | No | Reader: Grants permission to read Kubernetes. |
| Debugger: Grants permission to debug Kubernetes. | |||
| Custom: Grants permission to add your own Kubernetes roles. | |||
| Kubernetes Credentials: Grants permission to access kube credentials. | |||
| Maintenance Window | Yes | No | - |
| OAuth Integration | Yes | Yes | - |
| OPA | Yes | Yes | Execute: Grants permission to execute opa policies. |
| Pipeline | Yes | No | - |
| Project Type | Yes | Yes | - |
| Promotion Workflow | Yes | Yes | - |
| Release | No | No | Release Approve/Reject: Grants permission to approve or reject pending releases. |
| Full Release: Grants permission to perform full release. | |||
| Plan Release: Grants permission to create a plan for both the full and selective release. | |||
| Apply Release Plan: Grants permission to apply planned releases both full and selective. | |||
| Selective Release: Grants permission to perform selective release. | |||
| Custom Release: Grants permission to perform custom release. | |||
| Maintenance Release: Grants permission to perform maintenance release. | |||
| Scale Up: Grants permission to perform environment scale up. | |||
| Scale Down: Grants permission to perform environment scale down. | |||
| Allow Destroy for Full Release: Grants permission to allow destruction of protected resources during the full release. | |||
| Allow Destroy for Selective Release: Grants permission to allow destruction of protected resources during the selective release. | |||
| Allow Destroy for Custom Release: Grants permission to allow destruction of protected resources during the custom release. | |||
| Pause/Unpause Releases: Grants permission to pause/unpause release. | |||
| Release Stream | Yes | Yes | - |
| Resource | No | No | Override: Grants permission to override the resources. |
| Resource Group | Yes | Yes | Read: Grants permission to view resource group. |
| Resource Information | No | No | View Resource Secrets: Grants permission to view secrets of resources. |
| Role | Yes | Yes | Read: Grants permission to view roles. |
| Settings | Yes | No | - |
| Subscription | Yes | Yes | - |
| Template | Yes | Yes | - |
| Trash | No | Yes | Restore: Grants permission to restore items from trash. |
| User | Yes | Yes | Read: Grants permission to view users. |
| User Group | Yes | Yes | Read: Grants permission to view user groups. |
| VPN | No | No | VPN Connect: Grants permission to download vpn profile and connect to k8s using vpn. |
Updated 3 days ago