Skip to main content

Palette Global and Custom Resource Roles

Palette support two types of resource roles, global resource roles and custom resource roles:


  • Global Resource Roles are a set of roles built in and available to you.

  • Custom Resource Roles, are roles you can create in Palette using a set of permissions and operations.

To learn how to create a custom role. Review the Create Custom Role guide.

Palette Global Resource Roles

Palette provides the following built-in global resource roles:


  • Cluster

    • Resource Cluster Admin

    • Resource Cluster Editor

    • Resource Cluster Viewer

  • Cluster Profile

    • Resource Cluster Profile Admin

    • Resource Cluster Profile Editor

    • Resource Cluster Profile Viewer


Cluster


Role NamesDescription
Resource Cluster AdminA cluster admin in Project scope has all the privileges related to cluster operation
Resource Cluster EditorA cluster editor in Project scope has the privileges to update, delete,get and list cluster resources. This role is not privileged for cluster creation
Resource Cluster ViewerA cluster viewer in Project scope is a read-only privilege to cluster operations


Resource Cluster Admin


resourceKeysOperations

CreateDeleteGetListUpdateImportPublishBackupRestore
cloudaccount
cloudconfig
cluster
clusterProfile
clusterRbac
dnsMapping
edgehost
location
machine
macro
packRegistry
privateGateway
sshKey


Cluster Profile

The user with these permissions can manage the Cluster Profiles within a project.


Role NamesDescription
Cluster Profile AdminCluster Profile Admin role has admin privileges to all the cluster profile operations
Cluster Profile EditorCluster Profile Editor role has privileges to edit and list operations on the cluster profile
Cluster Profile ViewerCluster Profile Viewer role has read-only privileges to cluster profiles


Resource Cluster Profile Admin


resourceKeysOperations

CreateDeleteGetListUpdateImportPublishBackupRestore
clusterProfile
macro
packRegistry


Palette Custom Resource Roles


The following is a list of platform permissions and operations supported by Palette. Use these permissions to create custom role to control the cluster access. For every Resource Keys available operations can be added as per your requirements.


List of Custom Permissions


resourceKeysOperations

CreateDeleteGetListUpdateImportPublishBackupRestore
cloudaccount
cloudconfig
cluster
clusterProfile
dnsMapping
location
machine
macro
packRegistry

Resources

Resource Scope Matrix