Tenant Roles
Global Tenant Scope
Tenant is an isolated workspace within the Palette Console. Users and teams with specific roles can be associated with the tenants and projects you create.
Each user is assigned a role and permissions, which apply to the scopes, resources, and resourceKey. The Permissions
format is resourceKey.operation
, where resourceKey refers to resource or the API functionality, and Operation refers
to the permitted action or activity.
To view the list of the predefined roles and permissions, ensure you are in the project scope Tenant. Next, navigate to the left Main Menu and click on Tenant Settings > Roles, and you will find the list of Global Roles. If you need to extend permissions, create a custom role by using the Create Role option.
Below is the list of Roles and Permissions that already predefined for the Global Tenant Scope.
All users can view tags assigned to a resource. In technical terms, all users inherit the permission tag.get
by
default.
Tenants
Role Names | Description |
---|---|
Tenant Admin | Allows the user to create projects and manage projects within the tenant, covered under all operations related to projects |
Tenant Viewer | Provides a read only access to all the project resources |
Tenant Project Admin | The role with complete access to an existing project |
The table enlists the role wise resourceKeys and Operations that are predefined under the Global Tenant Scope:
- Tenant Admin
- Tenant Viewer
- Tenant Project Admin
Tenant Admin
resourceKeys | Operations |
Create | Delete | Get | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
apiKey | √ | √ | √ | √ | √ | ||||
audit | √ | √ | |||||||
cloudaccount | √ | √ | √ | √ | √ | ||||
cloudconfig | √ | √ | √ | √ | √ | ||||
cluster | √ | √ | √ | √ | √ | √ | |||
clusterProfile | √ | √ | √ | √ | √ | √ | |||
clusterRbac | √ | √ | √ | √ | √ | ||||
dnsMapping | √ | √ | √ | √ | √ | ||||
edgehost | √ | √ | √ | √ | √ | ||||
location | √ | √ | √ | √ | √ | ||||
machine | √ | √ | √ | √ | √ | ||||
macro | √ | √ | √ | √ | √ | ||||
packRegistry | √ | √ | √ | √ | √ | ||||
privateGateway | √ | √ | √ | √ | √ | ||||
project | √ | √ | √ | √ | √ | ||||
role | √ | √ | √ | √ | √ | ||||
sshKey | √ | √ | √ | √ | √ | ||||
team | √ | √ | √ | √ | √ | ||||
tag | √ | ||||||||
user | √ | √ | √ | √ | √ | ||||
workspace | √ | √ | √ | √ | √ | √ | √ |
Tenant Viewer
resourceKeys | Operations |
Create | Delete | Get | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
apiKey | √ | √ | |||||||
audit | √ | √ | |||||||
cloudaccount | √ | √ | |||||||
cloudconfig | √ | √ | |||||||
cluster | √ | √ | |||||||
clusterProfile | √ | √ | |||||||
clusterRbac | √ | √ | |||||||
dnsMapping | √ | √ | |||||||
edgehost | √ | √ | |||||||
location | √ | √ | |||||||
machine | √ | √ | |||||||
macro | √ | √ | |||||||
packRegistry | √ | √ | |||||||
privateGateway | √ | √ | |||||||
project | √ | √ | |||||||
role | √ | √ | |||||||
sshKey | √ | √ | |||||||
team | √ | √ | |||||||
user | √ | √ | |||||||
workspace | √ | √ |
Tenant Project Admin
resourceKeys | Operations |
Create | Get | Delete | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
apiKey | √ | √ | |||||||
audit | √ | √ | |||||||
cloudaccount | √ | √ | √ | √ | √ | ||||
cloudconfig | √ | √ | √ | √ | √ | ||||
cluster | √ | √ | √ | √ | √ | √ | |||
clusterProfile | √ | √ | √ | √ | √ | √ | |||
clusterRbac | √ | √ | √ | √ | √ | ||||
dnsMapping | √ | √ | √ | √ | √ | ||||
edgehost | √ | √ | √ | √ | √ | ||||
location | √ | √ | √ | √ | √ | ||||
machine | √ | √ | √ | √ | √ | ||||
macro | √ | √ | √ | √ | √ | ||||
packRegistry | √ | √ | √ | √ | √ | ||||
privateGateway | √ | √ | √ | √ | √ | ||||
project | √ | √ | √ | √ | √ | ||||
sshKey | √ | √ | √ | √ | √ | ||||
tag | √ | ||||||||
workspace | √ | √ | √ | √ | √ | √ | √ |
Cluster Profile
Role Names | Description |
---|---|
Tenant Cluster Profile Admin | A role which has complete access to all the Cluster Profile related operations |
Create | Delete | Get | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
clusterProfile | √ | √ | √ | √ | √ | √ | |||
macro | √ | √ | √ | √ | √ | ||||
packRegistry | √ | √ | |||||||
tag | √ |
Tenant Role
Role Names | Description |
---|---|
Tenant Role Admin | A role which has complete access to all the Role related perations |
Create | Delete | Get | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
role | √ | √ | √ | √ | √ |
Tenant Team
Role Names | Description |
---|---|
Tenant Team Admin | A role which has complete access to all the Team related operations |
Create | Delete | Get | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
apiKey | √ | √ | |||||||
audit | √ | √ | |||||||
team | √ | √ | √ | √ | √ | ||||
user | √ | √ |
Tenant User
Role Names | Description |
---|---|
Tenant User Admin Role | A role which has complete access to all the User related operations |
Create | Delete | Get | List | Update | Import | Publish | Backup | Restore | |
---|---|---|---|---|---|---|---|---|---|
apiKey | √ | √ | √ | √ | √ | ||||
audit | √ | √ | |||||||
user | √ | √ | √ | √ | √ |