Chapter 4. Predefined User Access roles

The following table lists the predefined roles provided with User Access. Some of the predefined roles are included in the Default access group, which includes all authenticated users in your organization.

Only the Organization Administrator users in your organization inherit the roles in the Default admin access group. Because this group is provided by Red Hat, it is updated automatically when Red Hat assigns roles to the Default admin access group.

For more information about viewing predefined roles, see Chapter 2, Procedures for configuring User Access.

NOTE
Predefined roles are updated and modified by Red Hat and cannot be modified. The table might not contain all currently available predefined roles.

Table 4.1. Predefined roles provided with User Access

Role nameDescriptionDefault access groupDefault admin access group

Approval Administrator

An approval administrator role that grants permissions to manage workflows, requests, actions, and templates.

  

Approval Approver

An approval approver role that grants permissions to read and approve requests.

  

Approval User

An approval user role which grants permissions to create/read/cancel a request, and read workflows.

X

 

Automation Analytics Administrator

An Automation Analytics Administrator role that grants ALL permissions.

  

Automation Analytics Editor

An Automation Analytics Editor role that grants read-write permissions.

X

 

Automation Analytics Viewer

An Automation Analytics Viewer role that grants read permissions.

  

Automation Services Catalog administrator

A catalog administrator roles grants create,read,update, delete and order permissions

  

Automation Services Catalog user

A catalog user roles grants read and order permissions

X

 

Compliance administrator

A Compliance role that grants full access to any Compliance resource.

 

X

Compliance viewer

A Compliance role that grants read access to any Compliance resource.

X

 

Cost Administrator

A cost management administrator role that grants read and write permissions.

 

X

Cost Cloud Viewer

A cost management role that grants read permissions on cost reports related to cloud sources.

  

Cost OpenShift Viewer

A cost management role that grants read permissions on cost reports related to OpenShift sources.

  

Cost Price List Administrator

A cost management role that grants read and write permissions on cost models.

  

Cost Price List Viewer

A cost management role that grants read permissions on cost models.

  

Drift analysis administrator

Perform any available operation against any Drift Analysis resource.

 

X

Drift viewer

Perform read only operation against Drift Analysis resources.

X

 

Domains administrator

Perform any available operation against any domain resource.

 

X

Domains viewer

Perform read only operations against domain resources.

X

 

Hybrid Committed Spend viewer

View any Hybrid Committed Spend report.

  

Inventory Groups Administrator

Be able to read and edit Inventory Groups data.

 

X

Inventory Groups Viewer

Be able to read Inventory Groups data.

  

Inventory Hosts Administrator

Be able to read and edit Inventory Hosts data.

X

X

Inventory Hosts Viewer

Be able to read Inventory Hosts data.

  

Inventory administrator

Perform any available operation against any Inventory resource.

  

Launch Administrator

An launch administrator role that grants read and write permissions.

 

X

Launch Viewer

An launch role that grants read permissions on launch reservation and related resources.

X

 

Launch on AWS User

An AWS launch role that grants write permissions on launch reservation and related resources.

  

Launch on Azure User

An Azure launch role that grants write permissions on launch reservation and related resources.

  

Launch on Google Cloud User

An Google Cloud launch role that grants write permissions on launch reservation and related resources.

  

Malware detection administrator

Perform any available operation against any malware-detection resource.

 

X

Malware detection viewer

Read any malware-detection resource.

  

Notifications administrator

Perform any available operation against Notifications and Integrations applications.

 

X

Notifications viewer

Read only access to notifications and integrations applications.

X

 

OCM Cluster Autoscaler Editor

Grants permission to edit cluster autoscaler

  

OCM Cluster Editor

Grants permission to edit clusters

  

OCM Cluster Provisioner

Grants permission to provision clusters

X

 

OCM Cluster Viewer

Grants permission to view clusters

X

 

OCM Idp Editor

Grants permission to edit idps

  

OCM Machine Pool Editor

Grants permission to edit machine pools

  

OCM Organization Admin

Grants administrative permissions associated organization’s clusters

  

OCP Advisor administrator

Perform any available operation against any OCP Advisor resource.

X

 

Organization Staleness and Deletion Administrator

Be able to read and edit Organization Staleness and Deletion data.

 

X

Organization Staleness and Deletion Viewer

Be able to read Organization Staleness and Deletion data.

X

 

Patch administrator

Perform any available operation against any Patch resource.

 

X

Patch viewer

Read any Patch resource.

X

 

Policies administrator

Perform any available operation against any Policies resource.

 

X

Policies viewer

Perform read only operation against any Policies resource.

X

 

RHC administrator

Perform any operations on RHC manager

 

X

RHC user

Can view the current configurations on RHC manager and write to activation keys

X

 

RHEL Advisor administrator

Perform any available operation against any RHEL Advisor resource.

X

 

Remediations administrator

Perform any available operation against any Remediations resource

  

Remediations user

Perform create, view, update, delete operations against any Remediations resource.

X

 

Repositories administrator

Perform any available operation against any repositories resource.

 

X

Repositories viewer

Perform read only operations against repositories resources.

X

 

Resource Optimization administrator

Perform any available operation against any Resource Optimization resource.

 

X

Resource Optimization user

A Resource Optimization user role that grants read only permission.

X

 

Sources administrator

Perform any available operation against any Source

 

X

Subscriptions administrator

Perform any available operation against any Subscriptions resource.

 

X

Subscriptions user

View any Subscriptions resource.

X

 

Tasks administrator

Perform any available operation against any Tasks resource.

 

X

User Access administrator

Grants a non-org admin full access to configure and manage user access to services hosted on Grants a non-org admin full access to console.redhat.com. This role can only be viewed and assigned by Organization Administrators.

 

X

User Access principal viewer

Grants a non-org admin read access to principals within user access.

  

Vulnerability administrator

Perform any available operation against any Vulnerability resource.

X

 

Vulnerability viewer

Read any Vulnerability resource.