User roles determine what you can see and do in Cloud Assembly. Some roles are defined at the service organization level, and some are specific to Cloud Assembly.

Global Roles

Global roles are defined in the organization and might be applied across multiple services.

Table 1. Global Organization Roles

Role

Description

Cloud administrator

Must have read and write access to the entire user interface and API resources. This is the only user role that can create a new project and assign a project administrator.

Regular user

Any user who does not have the cloud admin role.

Project Roles and Permissions

Project roles, the project administrator and project member, are defined in Cloud Assembly and can vary between projects.

In the following tables, where the permissions are defined, remember that the cloud administrator has full permission on all areas of the UI.

Project administrators leverage the infrastructure that is created by the cloud administrator to ensure that their project members have the resources they need for their development work.

Table 2. Project Administrator Roles and Permissions

Tab

Node or Area

View

Create

Modify/Delete

Infrastructure

Projects

Yes (only your projects)

No

Yes (only your projects)

Policies - Cloud Zones

No

No

No

Policies - Flavor Mappings

Yes

No

No

Policies - Image Mappings

Yes

No

No

Policies - Network Profiles

Yes

No

No

Policies - Storage Profiles

Yes

No

No

Resources - Compute

Yes

No

No

Resources - Network

Yes

No

No

Resources - Storage

Yes

No

No

Resources - Machines

Yes (only your projects)

Yes

Yes (only your projects)

Resources - Volumes

Activity - Requests

Yes (only your projects)

N/A

Yes (only your projects)

Activity - Events

Yes (only your projects)

N/A

Yes (only your projects)

Manage - Cloud Accounts

No

No

No

Manage - Integrations

Manage - Data Collectors

Manage - Tags

Yes

No

No

Manage - Onboarding Plans

Blueprints

Blueprints

Yes (only your projects)

Yes (only your projects)

Yes (only your projects)

Deployments

Deployments

Yes (only your projects)

N/A

Yes (only your projects)

The project members are usually developers who create and deploy blueprints.

Table 3. Project Member

Tab

Node or Area

View

Create

Modify/Delete

Infrastructure

Projects

Yes (only the projects you are a member of)

No

No

Policies - Cloud Zones

No

No

No

Policies - Flavor Mappings

Yes

No

No

Policies - Image Mappings

Yes

No

No

Policies - Network Profiles

Yes

No

No

Policies - Storage Profiles

Yes

No

No

Resources - Compute

Yes

No

No

Resources - Network

Yes

No

No

Resources - Storage

Yes

No

No

Resources - Machines

Yes (only the ones that you deployed)

Yes

Yes (only the ones that you deployed)

Resources - Volumes

Activity - Requests

Yes (only the ones that you deployed)

N/A

Yes (only the ones that you deployed)

Activity - Events

Yes (only the ones that you deployed)

N/A

Yes (only the ones that you deployed)

Manage - Cloud Accounts

No

No

No

Manage - Integrations

Manage - Data Collectors

Manage - Tags

Yes

No

No

Manage - Onboarding Plans

Blueprints

Blueprints

Yes (only the ones that you deployed)

Yes (only the ones that you deployed)

Yes (only the ones that you deployed)

Deployments

Deployments

Yes (only the ones that you deployed)

N/A

Yes (only the ones that you deployed)