Roles and Use-cases associated with each Role¶
Here is the list of all use-cases associated with each role:
Use-cases for User role¶
The User Role with roles:id:user tag has the following permissions:
| Use-Case-ID | Use-Case Name |
|---|---|
| create-grant-request-in-bifrost | Create Grant Request In Bifrost App |
| manage-profile-in-home-app | Manage Profile in Home App |
| manage-user-tags | Manage User Tags |
| manage-user-token-in-home-app | Manage User Tokens in Home App |
| read-caretaker-ingress | Read Caretaker Ingress |
| view-dph-app | View DPH App |
| view-home-app | View Home App |
Use-cases for Data Dev role¶
The Data Dev Role with roles:id:data-dev tag has the following permissions:
| Use-Case-ID | Use-Case Name |
|---|---|
| manage-all-other-resources-in-user-layer | Manage All Instance-level Resources of DataOS in user layer |
| manage-database-in-user-workspaces | Manage Database in User Workspaces |
| manage-monitor-in-user-workspaces | Create Update and Delete Monitor Resources in user layer Workspaces |
| manage-pager-resources-in-system-workspaces | Create Update and Delete Pager Resources in System layer Workspaces |
| manage-pager-resources-in-user-workspaces | Create Update and Delete Pager Resources in user layer Workspaces |
| manage-profile-in-home-app | Manage Profile in Home App |
| manage-service-in-user-workspaces | Manage Service in User Workspaces |
| manage-user-tags | Manage User Tags |
| manage-user-token-in-home-app | Manage User Tokens in Home App |
| manage-user-tokens | Manage User Tokens |
| manage-worker-in-user-workspaces | Manage Worker in User Workspaces |
| manage-workflow-in-user-workspaces | Manage Workflow in User Workspaces |
| minerva-cluster-access | Minerva Cluster Access |
| peer-log-stream-service | Peer and Log Stream Service |
| read-all-resources-in-user-workspaces | Read All Resources in User Workspaces |
| read-analytics-events | Read Analytics Events |
| read-caretaker-ingress | Read Caretaker |
| read-content-item-collated | Read Collated Content Item |
| read-governance-primitives | Read Governance Primitives |
| read-instance-resources-collated | Read Instance Collated Resource |
| read-lens2-backend | Read Lens2 Backend |
| read-nodes-collated | Read Collated Node |
| read-pods-collated | Read Collated Pod |
| read-products | Get Products Details From Poros |
| read-specific-secret | Read Specific Secret |
| read-talos | Read Talos |
| read-workspaces | Read Workspaces |
| run-query-gateway | Run Query Gateway |
| view-dph-app | View dph app |
| view-grafana-app | View Grafana App |
| view-home-app | View home App |
| view-workbench-app | View workbench App |
Use-cases for System Dev role¶
The System Dev Role with roles:id:system-dev tag has the following permissions:
| Use-Case-ID | Use-Case Name |
|---|---|
| edit-grafana-app | Edit Grafana App |
| manage-all-dataset | Manage All Dataset |
| manage-all-depot | Manage All Depot |
| manage-all-other-resources-in-system-layer | Manage all instance-level resources of DataOS in System Layer |
| manage-analytics-events | Manage Analytics Events |
| manage-database-in-system-workspaces | Manage Database in System Workspaces |
| manage-datapolicy | Authorize user to manage data policy |
| manage-lakehouse-in-system-workspaces | Create Update and Delete Lakehouse in system layer workspaces |
| manage-lens2-backend | Manage Lens2 Backend |
| manage-lens-in-system-workspaces | Create Update and Delete Lens in System layer Workspaces |
| manage-monitor-in-system-workspaces | Create Update and Delete Monitor in system layer Workspaces |
| manage-products | Manage Products in Poros |
| manage-profile-in-home-app | Manage Profile in Home App |
| manage-secret-in-system-workspaces | Manage Secret in System Workspaces |
| manage-secrets | Manage Secrets |
| manage-service-in-system-workspaces | Manage Service in System Workspaces |
| manage-talos | Manage Talos |
| manage-user-tags | Manage User Tags |
| manage-user-token-in-home-app | Manage User Tokens in Home App |
| manage-user-tokens | Manage User Tokens |
| manage-worker-in-system-workspaces | Manage Worker in System Workspaces |
| minerva-cluster-access | Minerva Cluster Access |
| peer-log-stream-service | Peer and Log Stream Service |
| read-all-resources-system-workspaces | Read All Resources in System Workspaces |
| read-caretaker-ingress | Read Caretaker |
| read-cloud-kernel-primitives | Read Cloud-Kernel Primitives |
| read-installed-products | Read Installed Products |
| read-instance-resources-collated | Read Instance Collated Resource |
| read-nodes-collated | Read Collated Node |
| read-page-events | Read Page Events |
| read-pods-collated | Read Collated Pod |
| read-products | Get Products Details From Poros |
| read-specific-secret | Read Specific Secret |
| read-stack-secrets | Read Stack related Secrets |
| read-usage | Read Usage |
| read-workspaces | Read Workspaces |
| run-incremental-jobs | Run Incremental Jobs |
| run-query-gateway | Run Query Gateway |
| view-dph-app | View dph app |
| view-home-app | View home App |
| view-workbench-app | View workbench App |
Use-cases for Operator role¶
The Operator Role with roles:id:operator tag has the following permissions:
| Use-Case-ID | Use-Case Name |
|---|---|
| download-dph-file | Download dph file |
| download-workbench-file | Download workbench file |
| grafana-admin | Admin Grafana App |
| manage-all-dataset | Manage All Dataset |
| manage-all-depot | Manage All Depot |
| manage-all-other-resources-in-system-layer | Manage all instance-level resources of DataOS in System Layer |
| manage-all-other-resources-in-user-layer | Manage All Instance-level Resources of DataOS in user layer |
| manage-analytics-events | Manage Analytics Events |
| manage-cluster-in-system-workspaces | Manage Cluster in System Workspaces |
| manage-cluster-in-user-workspaces | Manage Cluster in User Workspaces |
| manage-database-in-user-workspaces | Manage Database in User Workspaces |
| manage-datapolicy | Authorize user to manage data policy |
| manage-governance-primitives | Manage Governance Primitives |
| manage-lens2-backend | Manage Lens2 Backend |
| manage-metis | Manage Metis |
| manage-pager-resources-in-system-workspaces | Create Update and Delete Pager Resources in System layer Workspaces |
| manage-pager-resources-in-user-workspaces | Create Update and Delete Pager Resources in System layer Workspaces |
| manage-products | Manage Products in Poros |
| manage-profile-in-home-app | Manage Profile in Home App |
| manage-secrets | Manage Secrets |
| manage-service-in-user-workspaces | Manage Service in User Workspaces |
| manage-system-workspaces | Manage Service in User Workspaces |
| manage-talos | Manage Talos |
| manage-user-tags | Manage User Tags |
| manage-user-token-in-home-app | Manage User Tokens in Home App |
| manage-user-tokens | Manage User Tokens |
| manage-user-workspaces | Manage User Workspaces |
| manage-users | Manage Users |
| manage-worker-in-user-workspaces | Manage Worker in User Workspaces |
| manage-workflow-in-user-workspaces | Manage Workflow in User Workspaces |
| metis-root-access | Allow user for metis root access |
| minerva-cluster-access | Minerva Cluster Access |
| peer-exec-stream-service | Peer and Exec Stream Service |
| peer-log-stream-service | Peer and Log Stream Service |
| peer-stream-service | Peer and Stream Service |
| read-all-secrets-from-heimdall | Read All Secrets From Heimdall |
| read-caretaker-ingress | Read Caretaker |
| read-cloud-kernel-primitives | Read Cloud-Kernel Primitives |
| read-content-item-collated | Read Collated Content Item |
| read-core-kernel-logs | Read Core-Kernel Logs |
| read-core-kernel-primitives | Read Core-Kernel Primitives |
| read-installed-products | Read Installed Products |
| read-instance-resources-collated | Read Instance Collated Resource |
| read-metis | Read Metis |
| read-nodes-collated | Read Collated Node |
| read-page-events | Read Page Events |
| read-pods-collated | Read Collated Pod |
| read-products | Get Products Details From Poros |
| read-resources-collated | Read Collated Resource |
| read-stack-secrets | Read Stack related Secrets |
| read-usage | Read Usage |
| read-user-tags | Read User Tags |
| read-users | Read Users |
| run-incremental-jobs | Run Incremental Jobs |
| themis-read-dataset | Authorize user for - read a dataset using themis |
| un-sanitize-resource | Un-sanitize Resources |
| validate-stack | Validate Stack |
| view-bifrost-app | View Bifrost App |
| view-dph-app | View dph app |
| view-home-app | View home App |
| view-operations-app | View Operations App |
| view-workbench-app | View workbench App |