Roles & Permissions
About Roles and Permissions
The Vega Platform adheres to best practices for Role-Based Access Control (RBAC), a security framework that manages access to computer or network resources based on user roles within an organization. In the Vega Platform, users are assigned roles, and roles are granted specific permissions. This approach ensures a flexible, scalable, and efficient way to manage access across the platform.
Roles and Permissions Table
The table lists the roles available in the Vega Platform. Each role shows a high-level description of the role, the number of users with the role, and the number of associated permissions for the role:
Role Details
Clicking on the "Details" link in the Actions column will show a detailed view for that role, which has two tabs.
Members Tab
The Members tab lists all users that have been associated to the role, including name, email, creation date, and status.
Permissions Tab
The Permissions tab lists all the detailed permissions that are associated to the role.
Roles and Permissions Summary
The following is a summarized view of roles that are available by default, as well as the permissions associated to each role.
Custom roles may be created to meet your specific needs. If you would like to create a custom role, please contact your Vega Customer Success Manager.
read_only
Read Only users are permitted read-only access to Vega resources for viewing purposes only. They can access all resources but are prohibited from creating, modifying, or deleting any resources or user profiles. This is the default role of every user.
Permissions
- get_actions
- get_business_units
- get_organization
- get_recommendations
- get_recommendation_categories
- get_resources
- get_resource_pools
- get_spaces
- get_tags
- get_workloads
- get_scheduled_events
- get_parking_policy
- get_notifications
- edit_notifications
- get_business_unit_types
- get_self
- get_users
- get_provider_accounts
analyst
Analysts are granted read-only access to Vega resources to conduct analyses. They can perceive all resources but are restricted from creating, altering, or deleting any resources or user profiles.
Permissions
- get_actions
- get_business_units
- get_organization
- get_recommendations
- get_recommendation_categories
- get_resources
- get_resource_pools
- get_spaces
- get_tags
- get_workloads
- get_scheduled_events
- get_parking_policy
- get_notifications
- edit_notifications
- get_business_unit_types
- get_self
- get_provider_accounts
executive
Executives have read-only access to Vega resources for oversight and decision-making purposes. They can observe all resources but are disallowed from generating, modifying, or eliminating any resources or user profiles.
Permissions
- get_actions
- get_business_units
- get_organization
- get_recommendations
- get_recommendation_categories
- get_resources
- get_resource_pools
- get_spaces
- get_tags
- get_workloads
- get_users
- get_scheduled_events
- get_parking_policy
- get_notifications
- edit_notifications
- get_business_unit_types
- get_self
- get_provider_accounts
engineer
Engineers are allocated access to Vega resources for design and engineering purposes. They can perceive all resources and groupings and are allowed to create, adjust, or eradicate any resources. They also have the ability to take action on recommendations. However, user creation and modification is not possible.
Permissions
- get_actions
- get_business_units
- get_organization
- get_recommendations
- get_recommendation_categories
- get_resources
- get_resource_pools
- get_spaces
- get_tags
- get_workloads
- get_policies
- edit_policies
- edit_resource_pools
- edit_spaces
- edit_tags
- edit_workloads
- get_parking_policy
- edit_parking_policy
- edit_scheduled_events
- get_scheduled_events
- get_notifications
- edit_notifications
- get_business_unit_types
- get_self
- get_provider_accounts
group_owner
Group Owners are the owners of their group. They can view their group's resources, change all resource, change all groupings, take action, and edit their group's settings and personnel.
Permissions
- get_actions
- get_business_units
- edit_business_units
- get_organization
- get_recommendations
- get_recommendation_categories
- get_resources
- get_resource_pools
- get_spaces
- get_tags
- get_workloads
- get_policies
- edit_policies
- edit_resource_pools
- edit_spaces
- edit_tags
- edit_workloads
- get_parking_policy
- edit_parking_policy
- edit_scheduled_events
- get_scheduled_events
- get_notifications
- edit_notifications
- get_business_unit_types
- get_self
- get_provider_accounts
org_global_admin
Org Global Admins are the owners of their organization. They can view all resources, change all resource, change all groupings, take action, and edit their organization's settings and personnel.
Permissions
- edit_resource_pools
- edit_recommendations
- get_notifications
- get_all_organizations
- get_resources
- edit_business_unit_types
- edit_actions
- manage_api_tokens
- get_tags
- get_business_unit_types
- edit_provider_accounts
- edit_recommendation_categories
- get_provider_accounts
- get_workloads
- get_all_business_units
- get_parking_policy
- get_resource_pools
- edit_tags
- get_actions
- get_recommendations
- get_self
- get_scheduled_events
- edit_parking_policy
- edit_users
- get_spaces
- get_policies
- edit_business_units
- edit_federation_settings
- edit_scheduled_events
- edit_spaces
- get_organization
- edit_policies
- get_recommendation_categories
- get_business_units
- edit_notifications
- edit_workloads
- get_users
manager
Managers are the 'admins' of Vega. They can view all resources, change all resources, change all groupings, take action, and edit their organization's settings and personnel.
Permissions
- edit_resource_pools
- edit_recommendations
- get_notifications
- get_all_organizations
- get_resources
- edit_business_unit_types
- edit_actions
- manage_api_tokens
- get_tags
- get_business_unit_types
- edit_provider_accounts
- edit_recommendation_categories
- get_provider_accounts
- get_workloads
- get_all_business_units
- get_parking_policy
- get_resource_pools
- edit_tags
- get_actions
- get_recommendations
- get_self
- get_scheduled_events
- edit_organizations
- edit_parking_policy
- edit_users
- get_spaces
- get_policies
- edit_business_units
- edit_federation_settings
- edit_scheduled_events
- edit_spaces
- get_organization
- edit_policies
- get_recommendation_categories
- get_business_units
- edit_notifications
- edit_workloads
- get_users
org_owner
Org Owners are the owners of their organization. They can view all resources, change all resource, change all groupings, take action, and edit their organization's settings and personnel.
Permissions
- edit_resource_pools
- edit_recommendations
- get_notifications
- get_all_organizations
- get_resources
- edit_business_unit_types
- edit_actions
- manage_api_tokens
- get_tags
- get_business_unit_types
- edit_provider_accounts
- edit_recommendation_categories
- get_provider_accounts
- get_workloads
- get_all_business_units
- get_parking_policy
- get_resource_pools
- edit_tags
- get_actions
- get_recommendations
- get_self
- get_scheduled_events
- edit_organizations
- edit_parking_policy
- edit_users
- get_spaces
- get_policies
- edit_business_units
- edit_federation_settings
- edit_scheduled_events
- edit_spaces
- get_organization
- edit_policies
- get_recommendation_categories
- get_business_units
- edit_notifications
- edit_workloads
- get_users
report_author
A Vega Platform user with the ability to create QS Analysis and QS Dashboards within Vega Platform.
Permissions
- get_self
data_reader
A Vega Platform role with the ability to generate data api keys.
Permissions
- manage_api_tokens
- get_self