Skip to content

Roles list

Jump to bottom Edit New page
danmacpherson edited this page Feb 7, 2013 · 1 revision

Pool Family/Environment Roles:

Pool Family User

  • View Pool Family
    • Can view this pool family
      • note that this role does not automatically include the ‘pool’ level permissions — users will need to be added to each pool separately. This is to allow the administrator to have more granular control, allocating users on a per-pool basis.

Pool Family Image Administrator

  • View Pool Family

    • Can view this pool family

  • Use Pool Family

    • Stand-in for allowing image build/push within the pool family (since images live in IWHD they aren’t included in the permisions system, so we overload the ‘use’ privilege on Pool Family to indicate the ability to build/push)

  • View Quota

    • Can view quota usage for this pool family

  • View Pool

    • Can view pools contained within this pool family

  • Create Catalog

    • Can create new catalogs associated with pools in this pool family

  • View Catalog

    • Can view catalogs associated with pools in this pool family

  • Modify Catalog

    • Can modify catalogs associated with pools in this pool family

  • View permissions on Catalog

    • Can view permission grants on catalogs for pools in this pool family

  • Set permissions on Catalog

    • Can add/remove permission grants on catalogs for pools in this pool family

  • Create Deployable

    • Can create new deployables associated with catalos for pools in this pool family

  • View Deployable

    • Can view deployables associated with catalos for pools in this pool family

  • Use Deployable

    • Can launch instances based on deployables associated with catalogs for pools in this pool family

  • Modify Deployables

    • Can modify deployables in catalogs associated with pools in this pool family

  • View permissions on Deployable

    • Can view permission grants on deployables associated with catalogs for pools in this pool family

  • Set permissions on Deployable

    • Can add/remove permission grants on deployables associated with catalogs for pools in this pool family

Pool Family Administrator

  • View Pool Family

    • Can view this pool family

  • Use Pool Family

    • Stand-in for allowing image build/push within the pool family (since images live in IWHD they aren’t included in the permisions system, so we overload the ‘use’ privilege on Pool Family to indicate the ability to build/push)

  • Modify Pool Family

    • Can modify this pool family

  • View permissions on Pool Family

    • Can view permission grants on this pool family

  • Set permissions on Pool Family

    • Can add/remove permission grants on this pool family

  • View Quota

    • Can view quota usage for this pool family

  • Create Pool

    • Can create new pools within this pool family

  • View Pool

    • Can view pools contained within this pool family

  • Modify Pool

    • Can modify pools contained within this pool family

  • View permissions on Pool

    • Can view permission grants on pools within this pool family

  • Set permissions on Pool

    • Can add/remove permission grants on pools within this pool family

  • Create Catalog

    • Can create new catalogs associated with pools in this pool family

  • View Catalog

    • Can view catalogs associated with pools in this pool family

  • Modify Catalog

    • Can modify catalogs associated with pools in this pool family

  • View permissions on Catalog

    • Can view permission grants on catalogs for pools in this pool family

  • Set permissions on Catalog

    • Can add/remove permission grants on catalogs for pools in this pool family

  • Create Deployable

    • Can create new deployables associated with catalogs for pools in this pool family

  • View Deployable

    • Can view deployables associated with catalogs for pools in this pool family

  • Use Deployable

    • Can launch deployments based on deployables associated with catalogs for pools in this pool family

  • Modify Deployables

    • Can modify deployables in catalogs associated with pools in this pool family

  • View permissions on Deployable

    • Can view permission grants on deployables associated with catalogs for pools in this pool family

  • Set permissions on Deployable

    • Can add/remove permission grants on deployables associated with catalogs for pools in this pool family

  • Create Deployment

    • Can create new deployments in pools in this pool family

  • View Deployment

    • Can view deployments in pools in this pool family

  • Use Deployment

    • Can start, stop, or otherwise control deployments in pools in this pool family

  • Modify Deployments

    • Can modify deployments in pools in this pool family

  • View permissions on Deployment

    • Can view permission grants on deployments in pools in this pool family

  • Set permissions on Deployment

    • Can add/remove permission grants on deployments in pools in this pool family

  • Create Instance

    • Can create new instances in pools in this pool family

  • View Instance

    • Can view instances in pools in this pool family

  • Use Instance

    • Can start, stop, or otherwise control instances in pools in this pool family

  • Modify Instances

    • Can modify instances in pools in this pool family

  • View permissions on Instance

    • Can view permission grants on instances in pools in this pool family

  • Set permissions on Instance

    • Can add/remove permission grants on instances in pools in this pool family

Pool Roles

Pool User

  • View Pool

    • Can view this pool

  • View Quota

    • Can view quota usage for this pool

  • Create Instance

    • Can create/launch instances within this pool

  • Create Deployment

    • Can create/launch deployments within this pool

  • View Deployable

    • Can view deployables associated with catalogs in this pool

  • Use Deployable

    • Can launch deployments based on deployables associated with catalogs in this pool

  • View Deployable

    • Can view catalogs in this pool

Pool Deployable Administrator

  • View Pool

    • Can view this pool

  • View Quota

    • Can view quota usage for this pool

  • Create Catalog

    • Can create new catalogs associated with this pool

  • View Catalog

    • Can view catalogs associated with this pool

  • Modify Catalog

    • Can modify catalogs associated with this pool

  • View permissions on Catalog

    • Can view permission grants on catalogs for this pool

  • Set permissions on Catalog

    • Can add/remove permission grants on catalogs for this pool

  • Create Deployable

    • Can create new deployables associated with catalogs for this pool

  • View Deployable

    • Can view deployables associated with catalogs for this pool

  • Use Deployable

    • Can launch instances based on deployables associated with catalogs for this pool

  • Modify Deployables

    • Can modify deployables in catalogs associated with this pool

  • View permissions on Deployable

    • Can view permission grants on deployables associated with catalogs for this pool

  • Set permissions on Deployable

    • Can add/remove permission grants on deployables associated with catalogs for this pool

Pool Administrator

  • View Pool

    • Can view this pool

  • Modify Pool

    • Can modify this pool

  • View permissions on Pool

    • Can view permission grants on this pool

  • Set permissions on Pool

    • Can add/remove permission grants on this pool

  • View Quota

    • Can view quota usage for this pool

  • Create Catalog

    • Can create new catalogs associated with this pool

  • View Catalog

    • Can view catalogs associated with this pool

  • Modify Catalog

    • Can modify catalogs associated with this pool

  • View permissions on Catalog

    • Can view permission grants on catalogs for this pool

  • Set permissions on Catalog

    • Can add/remove permission grants on catalogs for this pool

  • Create Deployable

    • Can create new deployables associated with catalogs for this pool

  • View Deployable

    • Can view deployables associated with catalogs for this pool

  • Use Deployable

    • Can launch instances based on deployables associated with catalogs for this pool

  • Modify Deployables

    • Can modify deployables in catalogs associated with this pool

  • View permissions on Deployable

    • Can view permission grants on deployables associated with catalogs for this pool

  • Set permissions on Deployable

    • Can add/remove permission grants on deployables associated with catalogs for this pool

  • Create Deployment

    • Can create new deployments in pools in this pool family

  • View Deployment

    • Can view deployments in pools in this pool family

  • Use Deployment

    • Can start, stop, or otherwise control deployments in pools in this pool family

  • Modify Deployments

    • Can modify deployments in pools in this pool family

  • View permissions on Deployment

    • Can view permission grants on deployments in pools in this pool family

  • Set permissions on Deployment

    • Can add/remove permission grants on deployments in pools in this pool family

  • Create Instance

    • Can create new instances in this pool

  • View Instance

    • Can view instances in this pool

  • Use Instance

    • Can start, stop, or otherwise control instances in this pool

  • Modify Instances

    • Can modify instances in this pool

  • View permissions on Instance

    • Can view permission grants on instances in this pool

  • Set permissions on Instance

    • Can add/remove permission grants on instances in this pool

Catalog Roles

Catalog User

  • View Catalog

    • Can view this catalog

  • View Deployable

    • Can view deployables associated with this catalog

  • Use Deployable

    • Can launch instances based on deployables associated with this catalog

Catalog Administrator

  • View Catalog

    • Can view this catalog

  • Modify Catalog

    • Can modify this catalog

  • View permissions on Catalog

    • Can view permission grants on this catalog

  • Set permissions on Catalog

    • Can add/remove permission grants on this catalog

  • Create Deployable

    • Can create new deployables associated with this catalog

  • View Deployable

    • Can view deployables associated with this catalog

  • Use Deployable

    • Can launch instances based on deployables associated with this catalog

  • Modify Deployables

    • Can modify deployables in this catalog

  • View permissions on Deployable

    • Can view permission grants on deployables associated with this catalog

  • Set permissions on Deployable

    • Can add/remove permission grants on deployables associated with this catalog

Deployable Roles

Deployable User

  • View Deployable

    • Can view this deployable

  • Use Deployable

    • Can launch instances based on this deployable

Deployable Administrator

  • View Deployable

    • Can view this deployable

  • Use Deployable

    • Can launch instances based on this deployable

  • Modify Deployables

    • Can modify this deployable

  • View permissions on Deployable

    • Can view permission grants on this deployable

  • Set permissions on Deployable

    • Can add/remove permission grants on this deployable

Deployment Roles

Deployment User

  • View Deployment

    • Can view this deployment

  • Use Deployment

    • Can start, stop, or otherwise control this deployment

  • View Instance

    • Can view instances in this deployment

  • Use Instance

    • Can start, stop, or otherwise control instances in this deployment

Deployment Owner

  • View Deployment

    • Can view this deployment

  • Use Deployment

    • Can start, stop, or otherwise control this deployment

  • Modify Deployments

    • Can modify this deployment

  • View permissions on Deployment

    • Can view permission grants on this deployment

  • Set permissions on Deployment

    • Can add/remove permission grants on this deployment

  • View Instance

    • Can view instances in this deployment

  • Use Instance

    • Can start, stop, or otherwise control instances in this deployment

  • Modify Instance

    • Can modify instances in this deployment

Instance Roles

Instance User

  • View Instance

    • Can view this instance

  • Use Instance

    • Can start, stop, or otherwise control this instance

Instance Owner

  • View Instance

    • Can view this instance

  • Use Instance

    • Can start, stop, or otherwise control this instance

  • Modify Instance

    • Can modify this instance

  • View permissions on Instance

    • Can view permission grants on this instance

  • Set permissions on Instance

    • Can add/remove permission grants on this instance

Provider Roles

Provider Administrator

  • View Provider

    • Can view this provider

  • Use Provider

    • Can perform certain actions using this provider (currently map this provider or its back-end realms to a front-end Realm)

  • Modify Provider

    • Can modify this provider

  • View permissions on Provider

    • Can view permission grants on this provider

  • Set permissions on Provider

    • Can add/remove permission grants on this provider

  • View Provider Account

    • Can view accounts on this provider

  • Use Provider Account

    • Can attach accounts on this provider to a Pool Family

  • Modify Provider Account

    • Can modify accounts on this provider

  • Create Provider Account

    • Can create accounts on this provider

  • View permissions on Provider Account

    • Can view permission grants on accounts on this provider

  • Set permissions on Provider Account

    • Can add/remove permission grants on accounts on this provider

Provider User

  • View Provider

    • Can view this provider

  • Use Provider

    • Can perform certain actions using this provider (currently map this provider or its back-end realms to a front-end Realm)

  • Create Provider Account

    • Can create accounts on this provider

Provider Account Roles

Provider Account User

  • View Provider Account

    • Can view this provider account

  • Use Provider Account

    • Can attach this provider account to a Pool Family

Provider Account Owner

  • View Provider Account

    • Can view this provider account

  • Use Provider Account

    • Can attach this provider account to a Pool Family

  • Modify Provider Account

    • Can modify this provider account

  • View permissions on Provider Account

    • Can view permission grants on this provider account

  • Set permissions on Provider Account

    • Can add/remove permission grants on this provider account

Global Roles

Assigning any of the remaining roles to a user grants the user the listed privileges system-wide, to all objects/resources of the specified type.

Global Provider User

  • View Provider

    • Can view any provider

  • Use Provider

    • Can perform certain actions using any provider (currently map any provider or its back-end realms to a front-end Realm)

Global Provider Administrator

  • Create Provider

    • Can create new providers

  • View Provider

    • Can view any provider

  • Use Provider

    • Can perform certain actions using any provider (currently map any provider or its back-end realms to a front-end Realm)

  • Modify Provider

    • Can modify any provider

  • View permissions on Provider

    • Can view permission grants on any provider

  • Set permissions on Provider

    • Can add/remove permission grants on any provider

  • View Provider Account

    • Can view accounts on any provider

  • Use Provider Account

    • Can attach accounts on any provider to a Pool Family

  • Modify Provider Account

    • Can modify accounts on any provider

  • Create Provider Account

    • Can create accounts on any provider

  • View permissions on Provider Account

    • Can view permission grants on accounts on any provider

  • Set permissions on Provider Account

    • Can add/remove permission grants on accounts on any provider

Global Hardware Profile Administrator

  • View Hardware Profile

    • Can view any Hardware Profile

  • Create Hardware Profile

    • Can create new (front end) Hardware Profiles

Global Hardware Profile User

  • View Hardware Profile
    • Can view any Hardware Profile

Global Realm Administrator

  • Modify Realm
    • Can modify any (front end) Realm

Global Pool Administrator (includes global pool family rights too)

  • Create Pool Family

    • Can create new pool families

  • View Pool Family

    • Can view any pool family

  • Use Pool Family

    • Stand-in for allowing image build/push within any pool family (since images live in IWHD they aren’t included in the permisions system, so we overload the ‘use’ privilege on Pool Family to indicate the ability to build/push)

  • Modify Pool Family

    • Can modify any pool family

  • View permissions on Pool Family

    • Can view permission grants on any pool family

  • Set permissions on Pool Family

    • Can add/remove permission grants on any pool family

  • View Quota

    • Can view quota usage for any pool family

  • Modify Quota

    • Can modify quota settings for any pool family

  • Create Pool

    • Can create new pools within any pool family

  • View Pool

    • Can view any pool

  • Modify Pool

    • Can modify any pool

  • View permissions on Pool

    • Can view permission grants on any pool

  • Set permissions on Pool

    • Can add/remove permission grants on any pool

  • Create Catalog

    • Can create new catalogs associated with any pool family

  • View Catalog

    • Can view catalogs associated with any pool

  • Modify Catalog

    • Can modify catalogs associated with any pool

  • View permissions on Catalog

    • Can view permission grants on any catalog

  • Set permissions on Catalog

    • Can add/remove permission grants on any catalog

  • Create Deployable

    • Can create new deployables associated with catalogs for any pool

  • View Deployable

    • Can view any deployable

  • Use Deployable

    • Can launch deployments based any deployable

  • Modify Deployables

    • Can modify any deployable

  • View permissions on Deployable

    • Can view permission grants on any deployable

  • Set permissions on Deployable

    • Can add/remove permission grants on any deployable

  • Create Deployment

    • Can create new deployments in any pool

  • View Deployment

    • Can view any deployment

  • Use Deployment

    • Can start, stop, or otherwise control any deployment

  • Modify Deployments

    • Can modify any deployment

  • View permissions on Deployment

    • Can view permission grants on any deployment

  • Set permissions on Deployment

    • Can add/remove permission grants on any deployment

  • Create Instance

    • Can create new instances in any pool

  • View Instance

    • Can view instances in any pool

  • Use Instance

    • Can start, stop, or otherwise control any instance

  • Modify Instances

    • Can modify any instance

  • View permissions on Instance

    • Can view permission grants on any instance

  • Set permissions on Instance

    • Can add/remove permission grants on any instance

Global Deployable Administrator

  • Create Deployable

    • Can create new deployables associated with catalogs for any pool

  • View Deployable

    • Can view any deployable

  • Use Deployable

    • Can launch deployments based any deployable

  • Modify Deployables

    • Can modify any deployable

  • View permissions on Deployable

    • Can view permission grants on any deployable

  • Set permissions on Deployable

    • Can add/remove permission grants on any deployable

  • Create Catalog

    • Can create new catalogs associated with this pool

  • View Catalog

    • Can view catalogs associated with this pool

  • Modify Catalog

    • Can modify catalogs associated with this pool

  • View permissions on Catalog

    • Can view permission grants on catalogs for this pool

  • Set permissions on Catalog

    • Can add/remove permission grants on catalogs for this pool

  • View Pool Family

    • Can view any pool family

Global Pool User

  • View Pool Family

    • Can view any pool family

  • View Pool

    • Can view any pool

  • Create Instance

    • Can create new instances in any pool

  • Create Deployment

    • Can create new deployments in any pool

  • View Quota

    • Can view quota usage for any pool

  • View Deployable

    • Can view any deployable

  • Use Deployable

    • Can launch deployments based any deployable

  • View Catalog

    • Can view any catalog

Global Image Administrator

  • View Pool Family

    • Can view any pool family

  • Use Pool Family

    • Stand-in for allowing image build/push within any pool family (since images live in IWHD they aren’t included in the permisions system, so we overload the ‘use’ privilege on Pool Family to indicate the ability to build/push)

  • Create Catalog

    • Can create new catalogs associated with any pool family

  • View Catalog

    • Can view catalogs associated with any pool

  • Modify Catalog

    • Can modify catalogs associated with any pool

  • View permissions on Catalog

    • Can view permission grants on any catalog

  • Set permissions on Catalog

    • Can add/remove permission grants on any catalog

  • Create Deployable

    • Can create new deployables associated with catalogs for any pool

  • View Deployable

    • Can view any deployable

  • Use Deployable

    • Can launch deployments based any deployable

  • Modify Deployables

    • Can modify any deployable

  • View permissions on Deployable

    • Can view permission grants on any deployable

  • Set permissions on Deployable

    • Can add/remove permission grants on any deployable

Administrator (site-wide admin role)

  • Create Pool Family

    • Can create new pool families

  • View Pool Family

    • Can view any pool family

  • Use Pool Family

    • Stand-in for allowing image build/push within any pool family (since images live in IWHD they aren’t included in the permisions system, so we overload the ‘use’ privilege on Pool Family to indicate the ability to build/push)

  • Modify Pool Family

    • Can modify any pool family

  • View permissions on Pool Family

    • Can view permission grants on any pool family

  • Set permissions on Pool Family

    • Can add/remove permission grants on any pool family

  • View Quota

    • Can view quota usage for any object

  • Modify Quota

    • Can modify quota settings for any object

  • Create Pool

    • Can create new pools within any pool family

  • View Pool

    • Can view any pool

  • Modify Pool

    • Can modify any pool

  • View permissions on Pool

    • Can view permission grants on any pool

  • Set permissions on Pool

    • Can add/remove permission grants on any pool

  • Create Catalog

    • Can create new catalogs associated with any pool family

  • View Catalog

    • Can view catalogs associated with any pool

  • Modify Catalog

    • Can modify catalogs associated with any pool

  • View permissions on Catalog

    • Can view permission grants on any catalog

  • Set permissions on Catalog

    • Can add/remove permission grants on any catalog

  • Create Deployable

    • Can create new deployables associated with catalogs for any pool

  • View Deployable

    • Can view any deployable

  • Use Deployable

    • Can launch deployments based any deployable

  • Modify Deployables

    • Can modify any deployable

  • View permissions on Deployable

    • Can view permission grants on any deployable

  • Set permissions on Deployable

    • Can add/remove permission grants on any deployable

  • Create Deployment

    • Can create new deployments in any pool

  • View Deployment

    • Can view any deployment

  • Use Deployment

    • Can start, stop, or otherwise control any deployment

  • Modify Deployments

    • Can modify any deployment

  • View permissions on Deployment

    • Can view permission grants on any deployment

  • Set permissions on Deployment

    • Can add/remove permission grants on any deployment

  • Create Instance

    • Can create new instances in any pool

  • View Instance

    • Can view instances in any pool

  • Use Instance

    • Can start, stop, or otherwise control any instance

  • Modify Instances

    • Can modify any instance

  • View permissions on Instance

    • Can view permission grants on any instance

  • Set permissions on Instance

    • Can add/remove permission grants on any instance

  • Create Provider

  • Can create new providers

  • View Provider

  • Can view any provider

  • Use Provider

    • Can perform certain actions using any provider

  • Modify Provider

    • Can modify any provider

  • View permissions on Provider

    • Can view permission grants on any provider

  • Set permissions on Provider

    • Can add/remove permission grants on any provider

  • View Provider Account

    • Can view accounts on any provider

  • Use Provider Account

    • Can attach accounts on any provider to a Pool Family

  • Modify Provider Account

    • Can modify accounts on any provider

  • Create Provider Account

    • Can create accounts on any provider

  • View permissions on Provider Account

    • Can view permission grants on accounts on any provider

  • Set permissions on Provider Account

    • Can add/remove permission grants on accounts on any provider

  • View Hardware Profile

    • Can view any Hardware Profile

  • Modify Provider

    • Can modify any Hardware Profile

  • Create Hardware Profile

    • Can create new Hardware Profiles

  • Modify Realm

    • Can modify any Realm

  • Create Hardware Profile

    • Can create new Realm

  • View User

    • Can view user profiles for all users

  • Modify User

    • Can edit user profiles for all users

  • Create User

    • Can create new users

  • View Global Permissions

    • Can view global permission grants

  • Set Global Permissions

    • Can add/remove global permission grants
Add a custom footer
Add a custom sidebar
Clone this wiki locally