Roles and Permissions
The table below illustrates the permissions of roles which can manipulate organizations and their membership.
| Action | Organization Owner | Organization Member |
|---|---|---|
| Add Organization Owner | x | |
| Add Organization Member | x | |
| View Organization Members | x | x |
The table below illustrates the permissions of roles which can manipulate groups and their membership.
| Action | Organization Owner | Group Owner | Group Member |
|---|---|---|---|
| Create Group | x | ||
| Update Group | x | ||
| Delete Group | x | ||
| Add Group Owner | x | x | |
| Remove Group Owner | x | x | |
| View Group Owners | x | x | x |
| Add Group Member | x | x | |
| Remove Group Member | x | x | |
| View Group Members | x | x | x |
The table below shows group roles and their ability to manipulate group and user scoped resources such as secrets, storage volumes, and compute resource definitions.
| Resource | Action | Group Owner | Group Member |
|---|---|---|---|
| Group Scoped Resource | Create | x | |
| Update | x | ||
| Delete | x | ||
| Access | x | x | |
| User Scoped Resources | Create | x | x |
| Update | x | x | |
| Delete | x | x | |
| Access | x | x |
In the next section, we will walk through an example which ties the concepts of organizations, groups, and users together.