RBAC & Permissions

Role-Based Access Control governs who can do what across every agent and action on the platform. Assign roles carefully, especially before using Idle Resource Management.

🛡️ RBAC is always active. Every agent run, approval request, and settings change is gated by the role of the logged-in user.

Roles at a Glance

👁️Read Only: View dashboards and reports. No provisioning or approvals.

👨‍💻Developer: Provision repos and dev infra. Core day-to-day role.

🔧SRE: Manage incidents, execute runbooks, trigger auto-heal.

⚙️DevOps Eng: Full infra provisioning up to staging. Runbooks & auto-heal.

👑Platform Admin: Full access. Only role that can approve deletions and manage settings.

RBAC Permission Matrix

The table below shows exactly which roles can perform each action. A ✓ means the role has access; — means access is denied.

Assigning & Changing Roles

Roles are managed in Settings → User Management.

A Platform Admin can change any user's role at any time via the dropdown in the user table. Role changes take effect immediately on the next page load for that user.

Best practice Start all new users as Developer. Promote to DevOps Engineer or SRE as their scope grows. Reserve Platform Admin for the smallest group necessary — typically team leads, platform owners, and on-call engineers who handle approvals.

PreviousService Catalog NextRole and Access

Last updated 6 hours ago

Good afternoon

hashtagRoles at a Glance

hashtagRBAC Permission Matrix

hashtagAssigning & Changing Roles

Roles at a Glance

RBAC Permission Matrix

Assigning & Changing Roles