Skip to main content

Roles and Permissions

About Roles and Permissions

The Vega Platform follows best practices for role-based access control (RBAC). RBAC is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. In the Vega Platform, roles are assigned to users and permissions are assigned to roles. This allows for a flexible and scalable method of managing access to the Vega Platform.

The following roles are available in the Vega Platform:

read_only

Read Only users are permitted read-only access to Vega resources for viewing purposes only. They can access all resources but are prohibited from creating, modifying, or deleting any resources or user profiles. This is the default role of every user.

Permissions
  • get_actions
  • get_business_units
  • get_organization
  • get_recommendations
  • get_recommendation_categories
  • get_resources
  • get_resource_pools
  • get_spaces
  • get_tags
  • get_workloads
  • get_scheduled_events
  • get_parking_policy
  • get_notifications
  • edit_notifications
  • get_business_unit_types
  • get_self
  • get_users
  • get_provider_accounts
analyst

Analysts are granted read-only access to Vega resources to conduct analyses. They can perceive all resources but are restricted from creating, altering, or deleting any resources or user profiles.

Permissions
  • get_actions
  • get_business_units
  • get_organization
  • get_recommendations
  • get_recommendation_categories
  • get_resources
  • get_resource_pools
  • get_spaces
  • get_tags
  • get_workloads
  • get_scheduled_events
  • get_parking_policy
  • get_notifications
  • edit_notifications
  • get_business_unit_types
  • get_self
  • get_provider_accounts
executive

Executives have read-only access to Vega resources for oversight and decision-making purposes. They can observe all resources but are disallowed from generating, modifying, or eliminating any resources or user profiles.

Permissions
  • get_actions
  • get_business_units
  • get_organization
  • get_recommendations
  • get_recommendation_categories
  • get_resources
  • get_resource_pools
  • get_spaces
  • get_tags
  • get_workloads
  • get_users
  • get_scheduled_events
  • get_parking_policy
  • get_notifications
  • edit_notifications
  • get_business_unit_types
  • get_self
  • get_provider_accounts
engineer

Engineers are allocated access to Vega resources for design and engineering purposes. They can perceive all resources and groupings and are allowed to create, adjust, or eradicate any resources. They also have the ability to take action on recommendations. However, user creation and modification is not possible.

Permissions
  • get_actions
  • get_business_units
  • get_organization
  • get_recommendations
  • get_recommendation_categories
  • get_resources
  • get_resource_pools
  • get_spaces
  • get_tags
  • get_workloads
  • get_policies
  • edit_policies
  • edit_resource_pools
  • edit_spaces
  • edit_tags
  • edit_workloads
  • get_parking_policy
  • edit_parking_policy
  • edit_scheduled_events
  • get_scheduled_events
  • get_notifications
  • edit_notifications
  • get_business_unit_types
  • get_self
  • get_provider_accounts
group_owner

Group Owners are the owners of their group. They can view their group's resources, change all resource, change all groupings, take action, and edit their group's settings and personnel.

Permissions
  • get_actions
  • get_business_units
  • edit_business_units
  • get_organization
  • get_recommendations
  • get_recommendation_categories
  • get_resources
  • get_resource_pools
  • get_spaces
  • get_tags
  • get_workloads
  • get_policies
  • edit_policies
  • edit_resource_pools
  • edit_spaces
  • edit_tags
  • edit_workloads
  • get_parking_policy
  • edit_parking_policy
  • edit_scheduled_events
  • get_scheduled_events
  • get_notifications
  • edit_notifications
  • get_business_unit_types
  • get_self
  • get_provider_accounts
org_global_admin

Org Global Admins are the owners of their organization. They can view all resources, change all resource, change all groupings, take action, and edit their organization's settings and personnel.

Permissions
  • edit_resource_pools
  • edit_recommendations
  • get_notifications
  • get_all_organizations
  • get_resources
  • edit_business_unit_types
  • edit_actions
  • manage_api_tokens
  • get_tags
  • get_business_unit_types
  • edit_provider_accounts
  • edit_recommendation_categories
  • get_provider_accounts
  • get_workloads
  • get_all_business_units
  • get_parking_policy
  • get_resource_pools
  • edit_tags
  • get_actions
  • get_recommendations
  • get_self
  • get_scheduled_events
  • edit_parking_policy
  • edit_users
  • get_spaces
  • get_policies
  • edit_business_units
  • edit_federation_settings
  • edit_scheduled_events
  • edit_spaces
  • get_organization
  • edit_policies
  • get_recommendation_categories
  • get_business_units
  • edit_notifications
  • edit_workloads
  • get_users
manager

Managers are the 'admins' of Vega. They can view all resources, change all resources, change all groupings, take action, and edit their organization's settings and personnel.

Permissions
  • edit_resource_pools
  • edit_recommendations
  • get_notifications
  • get_all_organizations
  • get_resources
  • edit_business_unit_types
  • edit_actions
  • manage_api_tokens
  • get_tags
  • get_business_unit_types
  • edit_provider_accounts
  • edit_recommendation_categories
  • get_provider_accounts
  • get_workloads
  • get_all_business_units
  • get_parking_policy
  • get_resource_pools
  • edit_tags
  • get_actions
  • get_recommendations
  • get_self
  • get_scheduled_events
  • edit_organizations
  • edit_parking_policy
  • edit_users
  • get_spaces
  • get_policies
  • edit_business_units
  • edit_federation_settings
  • edit_scheduled_events
  • edit_spaces
  • get_organization
  • edit_policies
  • get_recommendation_categories
  • get_business_units
  • edit_notifications
  • edit_workloads
  • get_users
org_owner

Org Owners are the owners of their organization. They can view all resources, change all resource, change all groupings, take action, and edit their organization's settings and personnel.

Permissions
  • edit_resource_pools
  • edit_recommendations
  • get_notifications
  • get_all_organizations
  • get_resources
  • edit_business_unit_types
  • edit_actions
  • manage_api_tokens
  • get_tags
  • get_business_unit_types
  • edit_provider_accounts
  • edit_recommendation_categories
  • get_provider_accounts
  • get_workloads
  • get_all_business_units
  • get_parking_policy
  • get_resource_pools
  • edit_tags
  • get_actions
  • get_recommendations
  • get_self
  • get_scheduled_events
  • edit_organizations
  • edit_parking_policy
  • edit_users
  • get_spaces
  • get_policies
  • edit_business_units
  • edit_federation_settings
  • edit_scheduled_events
  • edit_spaces
  • get_organization
  • edit_policies
  • get_recommendation_categories
  • get_business_units
  • edit_notifications
  • edit_workloads
  • get_users
report_author

A Vega Platform user with the ability to create QS Analysis and QS Dashboards within Vega Platform.

Permissions
  • get_self
data_reader

A Vega Platform role with the ability to generate data api keys.

Permissions
  • manage_api_tokens
  • get_self
note

Custom roles may be created to meet your specific needs. If you would like to create a custom role, please contact your Vega FinOps analyst.