Chapter 4. Predefined User Access roles

The following table lists the predefined roles provided with User Access. Some of the predefined roles are included in the Default access group, which includes all authenticated users in your organization.

Only the Organization Administrator users in your organization inherit the roles in the Default admin access group. Because this group is provided by Red Hat, it is updated automatically when Red Hat assigns roles to the Default admin access group.

For more information about viewing predefined roles, see Chapter 2, Procedures for configuring User Access.

NOTE
Predefined roles are updated and modified by Red Hat and cannot be modified. The table might not contain all currently available predefined roles.

Table 4.1. Predefined roles provided with User Access

Role nameDescriptionDefault access groupDefault admin access group

Approval Administrator

An approval administrator role that grants permissions to manage workflows, requests, actions, and templates.

  

Approval User

An approval user role which grants permissions to create/read/cancel a request, and read workflows.

X

 

Approval Approver

An approval approver role that grants permissions to read and approve requests.

  

Automation Analytics Administrator

An Automation Analytics Administrator role that grants ALL permissions.

  

Automation Analytics Editor

An Automation Analytics Editor role that grants read-write permissions.

X

 

Automation Analytics Viewer

An Automation Analytics Viewer role that grants read permissions.

  

Automation Services Catalog administrator

A catalog administrator roles grants create,read,update, delete and order permissions

  

Automation Services Catalog user

A catalog user roles grants read and order permissions

X

 

Compliance administrator

A Compliance role that grants full access to any Compliance resource.

 

X

Compliance viewer

A Compliance role that grants read access to any Compliance resource.

X

 

RHC administrator

Perform any operations on RHC manager

 

X

RHC viewer

Can view the current configurations on RHC manager

X

 

Repositories administrator

Perform any available operation against any repositories resource.

 

X

Repositories viewer

Perform read only operations against repositories resources.

X

 

Cost Administrator

A cost management administrator role that grants read and write permissions.

 

X

Cost Price List Administrator

A cost management role that grants read and write permissions on cost models.

  

Cost Price List Viewer

A cost management role that grants read permissions on cost models.

  

Cost Cloud Viewer

A cost management role that grants read permissions on cost reports related to cloud sources.

  

Cost OpenShift Viewer

A cost management role that grants read permissions on cost reports related to Red Hat OpenShift sources.

  

Drift analysis administrator

Perform any available operation against any Drift Analysis resource.

 

X

Drift viewer

Perform read only operation against Drift Analysis resources.

X

 

RHEL Advisor administrator

Perform any available operation against any RHEL Advisor resource.

X

 

Inventory administrator

Perform any available operation against any Inventory resource.

  

Inventory Hosts Administrator

Be able to read and edit Inventory Hosts data.

X

X

Inventory Hosts Viewer

Be able to read Inventory Hosts data.

  

Inventory Groups Administrator

Be able to read and edit Inventory Groups data.

 

X

Inventory Groups Viewer

Be able to read Inventory Groups data.

  

Malware detection administrator

Perform any available operation against any malware-detection resource.

 

X

Malware detection viewer

Read any malware-detection resource.

  

Migration Analytics administrator

Perform any available operation against any Migration Analytics resource.

X

 

Notifications administrator

Perform any available operation against Notifications and Integrations applications.

 

X

Notifications viewer

Read only access to notifications and integrations applications.

  

OCM Cluster Editor

Grants permission to edit clusters

  

OCM Idp Editor

Grants permission to edit idps

  

OCM Machine Pool Editor

Grants permission to edit machine pools

  

OCM Cluster Provisioner

Grants permission to provision clusters

X

 

OCM Cluster Viewer

Grants permission to view clusters

X

 

OCM Organization Admin

Grants administrative permissions associated organization’s clusters

  

OCP Advisor administrator

Perform any available operation against any OCP Advisor resource.

X

 

Patch administrator

Perform any available operation against any Patch resource.

 

X

Patch viewer

Read any Patch resource.

X

 

Policies administrator

Perform any available operation against any Policies resource.

 

X

Policies viewer

Perform read only operation against any Policies resource.

X

 

User Access administrator

Grants a non-org admin full access to configure and manage user access to services hosted on console.redhat.com. This role can only be viewed and assigned by Organization Administrators.

  

User Access principal viewer

Grants a non-org admin read access to principals within user access.

  

Remediations administrator

Perform any available operation against any Remediations resource

  

Remediations user

Perform create, view, update, delete operations against any Remediations resource.

X

 

Resource Optimization administrator

Perform any available operation against any Resource Optimization resource.

 

X

Resource Optimization user

A Resource Optimization user role that grants read only permission.

X

 

Sources administrator

Perform any available operation against any Source

 

X

Subscriptions administrator

Perform any available operation against any Subscriptions resource.

 

X

Subscriptions user

View any Subscriptions resource.

X

 

Tasks administrator

Perform any available operation against any Tasks resource.

 

X

Vulnerability administrator

Perform any available operation against any Vulnerability resource.

X

 

Vulnerability viewer

Read any Vulnerability resource.