Menu Close

Chapter 4. Predefined User Access roles

4.1. Predefined User Access roles

The following table lists the predefined roles provided with User Access. Some of the predefined roles are included in the Default access group, which includes all authenticated users in your organization.

Only the Organization Administrator users in your organization inherit the roles in the Default admin access group. Because this group is provided by Red Hat, it is updated automatically when Red Hat assigns roles to the Default admin access group.

For more information about viewing predefined roles, see Chapter 2, Procedures for configuring User Access.

NOTE
Predefined roles are updated and modified by Red Hat and cannot be modified. The table might not contain all currently available predefined roles.

Table 4.1. Predefined roles provided with User Access

Role nameDescriptionDefault access groupDefault admin access group

Approval Administrator

An approval administrator role that grants permissions to manage workflows, requests, actions, and templates.

  

Approval User

An approval user role which grants permissions to create/read/cancel a request and read workflows.

true

 

Approval Approver

An approval approver role that grants permissions to read and approve requests.

  

Automation Analytics Administrator

An Automation Analytics Administrator role that grants ALL permissions.

  

Automation Analytics Editor

An Automation Analytics Editor role that grants read-write permissions.

true

 

Automation Analytics Viewer

An Automation Analytics Viewer role that grants read permissions.

  

Automation Services Catalog administrator

A catalog administrator roles grants create, read, update, delete and order permissions

  

Automation Services Catalog user

A catalog user roles grants read and order permissions

true

 

Compliance administrator

A Compliance role that grants full access to any Compliance resource.

 

true

Compliance viewer

A Compliance role that grants read access to any Compliance resource.

true

 

RHC administrator

Perform any operations on RHC manager

 

true

RHC viewer

Can view the current configurations on RHC manager

true

 

Cost Administrator

A cost management administrator role that grants read and write permissions.

 

true

Cost Price List Administrator

A cost management role that grants read and write permissions on cost models.

  

Cost Price List Viewer

A cost management role that grants read permissions on cost models.

  

Cost Cloud Viewer

A cost management role that grants read permissions on cost reports related to cloud sources.

  

Cost OpenShift Viewer

A cost management role that grants read permissions on cost reports related to OpenShift sources.

  

Drift analysis administrator

Perform any available operation against any Drift Analysis resource.

true

 

RHEL Advisor administrator

Perform any available operation against any RHEL Advisor resource.

true

 

Inventory administrator

Perform any available operation against any Inventory resource.

true

 

Malware detection administrator

Perform any available operation against any malware-detection resource.

 

true

Malware detection viewer

Read any malware-detection resource.

  

Migration Analytics administrator

Perform any available operation against any Migration Analytics resource.

true

 

Notifications administrator

Perform any available operation against Notifications and Integrations applications.

 

true

Notifications viewer

Read only access to notifications and integrations applications.

  

OCP Advisor administrator

Perform any available operation against any OCP Advisor resource.

true

 

Patch administrator

Perform any available operation against any Patch resource.

true

 

Policies administrator

Perform any available operation against any Policies resource.

true

 

User Access administrator

Grants a non-org admin full access to configure and manage user access to services hosted on console.redhat.com. This role can only be viewed and assigned by Organization Administrators.

  

User Access principal viewer

Grants a non-org admin read access to principals within user access.

  

Remediations administrator

Perform any available operation against any Remediations resource

  

Remediations user

Perform create view update delete operations against any Remediations resource.

true

 

Resource Optimization administrator

Perform any available operation against any Resource Optimization resource.

 

true

Resource Optimization user

A Resource Optimization user role that grants read only permission.

true

 

Sources administrator

Perform any available operation against any Source

  

Subscriptions administrator

Perform any available operation against any Subscriptions resource.

 

true

Subscriptions user

View any Subscriptions resource.

true

 

Vulnerability administrator

Perform any available operation against any Vulnerability resource.

true

 

Vulnerability viewer

Read any Vulnerability resource.