Project Roles
Palette provides the following Project roles out-of-the-box. These roles are predefined and cannot be modified. You can assign these roles to users and teams to manage the resources within the project scope. The roles are categorized based on the resources they can manage. If you need to manage resources across multiple projects, consider using a Tenant role instead.
tip
Create your own custom project role if none of the predefined roles meet your requirements. Refer to the Create a Custom Role guide for more information.
Default Project Roles
Palette comes with a set of immutable predefined Project roles out-of-the-box that you can assign to users or teams. To review the permissions associated with each Project role, click on the role name to expand the list of permissions.
App Deployment
| Role Name | Description |
|---|---|
| App Deployment Admin | Provides administrative privilege to perform all the App operations on App resources. |
| App Deployment Editor | Allows the user to perform edit operations on an App but not to create or delete an App. |
| App Deployment Viewer | Allows the user to view all the App resources but not to make modifications. |
App Profile
| Role Name | Description |
|---|---|
| App Profile Admin | Provides administrative privilege to perform all the App operations on App profile resources. |
| App Profile Editor | Allows the user to perform edit operations on App profiles but not to create or delete an App profile. |
| App Profile Viewer | Allows the user to view all the App profile resources but not to modify them. |
Cloud Account
| Role Name | Description |
|---|---|
| Cloud Account Admin | An administrative access to cloud account operations. |
| Cloud Account Editor | An editor access to cloud account operations. |
| Cloud Account Viewer | A read-only role for cloud account operations. |
Cluster
| Role Name | Description |
|---|---|
| Cluster Admin | A cluster admin in the Project scope has all the privileges related to the cluster operation. |
| Cluster Editor | A cluster editor in the Project scope has the privileges to update, delete, get, and list cluster resources. This role is not privileged for cluster creation. |
| Cluster Viewer | A cluster viewer in Project scope is a read-only privilege to cluster operations. |
Cluster Profile
| Role Name | Description |
|---|---|
| Cluster Profile Admin | Cluster Profile Admin role has admin privileges to all the cluster profile operations. |
| Cluster Profile Editor | Cluster Profile Editor role has privileges to edit and list operations on the cluster profile. |
| Cluster Profile Viewer | Cluster Profile Viewer role has read-only privileges to cluster profiles. |
Project
| Role Name | Description |
|---|---|
| Project Admin | The Project Admin role is a closure of all the project operations. It is an administrative privilege for the project resources. |
| Project Editor | The Project Editor role can perform edit operations within a project, but the user is not able to create or delete a project. |
| Project Viewer | The Project Viewer will be able to view all the resources within a project, but is not privileged to make modifications. |
Project Cluster Group
| Role Name | Description |
|---|---|
| Project Cluster Group Admin | Provides administrative privilege to perform all the operations on the cluster group resources. |
| Project Cluster Group Editor | Allows the user to perform edit operations on a cluster group but not to create or delete a cluster group. |
| Project Cluster Group Viewer | Allows the user to view all the cluster group resources but not to modify them. |
Virtual Cluster
| Role Name | Description |
|---|---|
| Virtual Cluster Admin | Provides administrative privilege to perform all virtual cluster operations on App resources. |
| Virtual Cluster Editor | Allows the user to perform edit operations on a virtual cluster but not to create or delete a virtual cluster. |
| Virtual Cluster Viewer | Allows the user to view all the virtual cluster resources but not to modify them. |
Virtual Machine
| Role Name | Description |
|---|---|
| Virtual Machine Admin | Provides administrative privilege to perform all the virtual machine operations. |
| Virtual Machine Power User | Provides the user with the ability to most of the virtual machine operations. |
| Virtual Machine User | Provides the user with the ability to perform non-destructive operations on virtual machines. |
| Virtual Machine Viewer | Provides the user with the ability to view virtual machines. |
Workspace
| Role Name | Description |
|---|---|
| Workspace Admin | Administrator role to workspace operations. |
| Workspace Editor | Editor role to workspace operations. |