Tenant Roles
Palette provides the following Tenant roles out-of-the-box. These roles are predefined and cannot be modified. You can assign these roles to users and teams. The roles are categorized based on the resources they can manage. Each of these roles is scoped at the tenant level. This means the permissions granted to a user or team span across all projects. If you need to narrow the scope down to a single project or a handful of projects, consider using a Project role instead.
Create your own custom tenant role if none of the predefined roles meet your requirements. Refer to the Create a Custom Role guide for more information.
Default Tenant Roles
Palette comes with a set of immutable predefined Tenant roles out-of-the-box that you can assign to users or teams. To review the permissions associated with each Tenant role, click on the role name to expand the list of permissions.
Admin
| Role Name | Description |
|---|---|
| Tenant Admin | Grants access to all resources in all projects. |
| Tenant Viewer | Provides a read only access to all the project resources. |
Cluster Group
| Role Name | Description |
|---|---|
| Tenant Cluster Group Admin | Allows the user to create and manage cluster groups in all projects. |
| Tenant Cluster Group Editor | Allows the user to view, access, and update cluster groups in all projects. |
| Tenant Cluster Group Viewer | Grants read-only access to cluster groups in all projects. |
Cluster Profile
| Role Name | Description |
|---|---|
| Tenant Cluster Profile Admin | Allows the user to create and manage cluster profiles in all projects. |
Project
| Role Name | Description |
|---|---|
| Tenant Project Admin | Grants the user complete access to all the project resources. Unlike the Tenant Admin role, this role cannot create projects, users, and teams. |
Role
| Role Name | Description |
|---|---|
| Tenant Role Admin | This role allows the user to create, update, and delete roles. |
Team
| Role Name | Description |
|---|---|
| Tenant Team Admin | This role grants the user complete access to all the team resources. |
User
| Role Name | Description |
|---|---|
| Tenant User Admin Role | This role grants the user complete access to all user operations. |