Roles and Permissions
The table below illustrates the permissions of roles which can manipulate organizations and their membership.
| Action | Organization Owner | Organization Member |
|---|---|---|
| Add Organization Owner | x | |
| Add Organization Member | x | |
| View Organization Members | x | x |
The table below illustrates the permissions of roles which can manipulate accounts and their membership.
| Action | Organization Owner | Account Owner | Account Member |
|---|---|---|---|
| Create Account | x | ||
| Update Account | x | ||
| Delete Account | x | ||
| Add Account Owner | x | x | |
| Remove Account Owner | x | x | |
| View Account Owners | x | x | x |
| Add Account Member | x | x | |
| Remove Account Member | x | x | |
| View Account Members | x | x | x |
The table below shows account roles and their ability to manipulate account and user scoped resources such as secrets, storage volumes, and compute resource definitions.
| Resource | Action | Account Owner | Account Member |
|---|---|---|---|
| Account Scoped Resource | Create | x | |
| Update | x | ||
| Delete | x | ||
| Access | x | x | |
| User Scoped Resources | Create | x | x |
| Update | x | x | |
| Delete | x | x | |
| Access | x | x |
In the next section, we will walk through an example which ties the concepts of organizations, accounts, and users together.