Permissions

Permissions specify user access to data planes, capabilities, and applications. You can assign one or more permissions to individual users or groups based on your business needs.

Note: If you update a user permission and the user is logged in, the user must reload the page for the changes to take complete effect in the UI.

Control Plane Permissions

Permission Description
Owner

Owner with this permission can:

  • Add users and assign permissions to other users including other owners.

  • Assign "Team Admin" permission.

  • Assign "IdP Manager" permission to the user who can configure Single Sign-on.

  • Enable or disable Default IdP Sign in for any user.

  • View the registered data plane on the Data Planes page in read-only mode.

  • Assign permissions to self.

  • View the Home page with all data and access to the data plane monitoring widget.

Team Admin

Team admin with this permission can:

  • Add, edit, and remove other users except owners or IdP managers.

  • Assign and update permissions to other users except owners or IdP managers.

  • View permissions assigned to users.

  • Enable or disable Default IdP Sign in for any user (including himself) except IdP Manager or Owner.

  • View the Home page with all data and access to the data plane monitoring widget.

  • View Data Planes page in read-only mode.

View permissions Users with this permission can view details of assigned permissions to other users by navigating to the User Management > Permissions tab.
IdP Manager User with this permission can configure Single Sign-on for the enterprise from the User Management > Configure SSO page.

Data Plane and Capability Permissions

Note: The following permissions get applied to data planes or capabilities that you selected when assigning permission. To assign permission to the user for all current and data planes which will be registered in future, select All current and future Data Planes checkbox.
Permission Description
Data plane Manager

Users with this permission can:

  • Register, manage, or de-register data planes.

  • View bare-metal applications and related details like machines, metrics, and so on.

  • View the Home page with all data and access to the data plane monitoring widget.

    Note: You must have Application Manager or Application Viewer permission to view applications for cloud under Assets on the Home page.
Capability Manager

Users with this permission can:

  • Provision, de-provision capabilities.

  • Users have read-only access to all data planes.

  • View the Home page with all data and access to click widgets on the Home page for details.

    Note: You must have Application Manager or Application Viewer permission to view applications for cloud and only view applications permission for bare-metal applications in the Assets list on the Home page.
Application Manager

Users with this permission can:

  • Users can view, deploy, undeploy, and delete applications of the capabilities.

  • Add, delete, edit tags for applications, data planes, and capabilities.

  • View Home page with all data with access to click widgets on Home page for details.

    Note: In the Cloud Assets list on the Home page, users can only view applications from the data plane or Capability to which the user has access.
Application Viewer

Users with this permission can:

  • Users have read-only access to all the applications of the capability.

  • View the Home page with all data. Users cannot click any widget for details.

    Note: In the Cloud Assets list on the Home page, user can only view applications from the data plane or Capability to which the user has access.