Example Custom Roles Setup
Table: Permissions for an Example Custom Roles Setup
| Features | Description | Read | Create | Update | Delete | Manage |
|---|---|---|---|---|---|---|
| provision-request | access to Account Requests | Provision | Provision | Provision | visibility and access to all Requests (used in conjunction with Read, Create, Update, Delete permissions) | same as for Delete |
| Provision States | Provision State | |||||
| Provision Tags | ||||||
| access to Request area in UI | ||||||
| managed-account | access to Managed Accounts (accounts provisioned through the product) | Managed Accounts | Managed Accounts | Managed Accounts | visibility and access to all Managed Accounts (used in conjunction with Read, Create, Update, Delete permissions) | same as for Delete |
| access to Managed Accounts area in UI | ||||||
| provision-approval | access to Request Approvals | Provision Approval | Provision Approval | Provision Approval | visibility and access to all Approvals (used in conjunction with Read, Create, Update, Delete permissions) | same as for Delete |
| access to Approval area in UI | ||||||
| provision-template | access to Account Templates | Template | Template | Template | access to Template Workflow area in UI | same as for Delete |
| allows Approval of Template Workflows | ||||||
| provision-template-workflow | access to Account Template Workflows | Template Workflow | Template Workflow | Template Workflow | access to Template Workflow area in UI | same as for Delete |
| allows Approval of Templates | ||||||
| group | access to Groups | Groups | Groups | Groups | access to Groups area in UI | same as for Delete |
| manage Group Users (used in conjunction with Read, Create, Update, Delete permissions) | ||||||
| manage Group Roles (used in conjunction with Read, Create, Update, Delete permissions) | ||||||
| user | access to Users | Users | Users | Users | access to Users area in UI | same as for Delete |
| User Emails | User Emails | User Emails | Trigger verification email | |||
| manage User Groups (used in conjunction with Read, Create, Update, Delete permissions) | ||||||
| manage User Roles (used in conjunction with Read, Create, Update, Delete permissions) | ||||||
| role | access to Roles | Roles | Roles | Roles | access to Roles area in UI | same as for Delete |
| Role Permissions | Role Permissions | Role Permissions | manage Role Permissions (used in conjunction with Read, Create, Update, Delete permissions) | |||
| manage Role Users (used in conjunction with Read, Create, Update, Delete permissions) | ||||||
| manage Role Groups (used in conjunction with Read, Create, Update, Delete permissions) | ||||||
| alm-engine | access to ALM Engines | ALM Engine | ALM Engine | ALM Engine | access to ALM Engine area in UI | same as for Delete |
| ALM Engine Pools | ALM Engine Pools | ALM Engine Pools | test connectivity to ALM Engines and Pools | |||
| audit | access to Audits | Audits | n/a | n/a | n/a | n/a |
| access to Audits area in UI | ||||||
| directory-service | access to all things related to LDAP/AD/Directory Services | External Domain | same as for Read | same as for Read | access to Directory Services areas in UI | same as for Delete |
| External Groups | ||||||
| External Users | ||||||
| External User Group Mapping | ||||||
| External OUs | ||||||
| vault | access to Vaults | Integrations (Secret Server) | Integrations (Secret Server) | Integrations (Secret Server) | access to Integrations area in UI | same as for Delete |
| Integration Templates | ||||||
| api-token | access to API Tokens | API Tokens | API Tokens | API Tokens (only updates to the description and enable/disable allowed) | API Tokens | n/a |
| configuration | access to system configuration settings | n/a | Configuration | Configuration | Configuration | n/a |
| settings currently available: | ||||||
| AdminEmail - (For SAP) Email address for the Send Feedback link | ||||||
| email-notification | access to Email Notification Templates | Email Notification | n/a | Email Notification | n/a | n/a |
| webhook | access to Webhooks | Webhooks | Webhooks | Webhooks | Webhooks | n/a |
