leafleafleafMan illustration
Updated on March 21, 2024

Permission Matrix

Estimated reading: 3 minutes 201 views

The Visual Guard System Role Permission Matrix page provides a detailed breakdown of the permissions associated with each of the nine predefined roles offered by Visual Guard.

The matrix is a comprehensive guide that outlines the level of access each role has to applications, groups, roles, and users. It covers a wide range of permissions, from creating and deleting applications, groups, and roles, to reading and updating permissions, permission sets, and users.

Visual Guard offers 9 predefined roles to the user. Depending on the user role the amount of access to applications, groups, roles and users will be defined.
The matrix defined below defines the permissions associated with each role.

Master AdminDeveloperRestricted DeveloperDeveloper DeployerRestricted Developer DeployerUser AdminRestricted User AdminAuditorRestricted Auditor
Applicationsø
\Applications\CanCreateApplicationø        
\Applications\CanDeleteApplicationø        
\Applications\CanDeployApplicationø  øø    
\Applications\CanReadAllApplicationsøø ø ø ø 
\Applications\CanReadApplicationøøøøøøøøø
\Applications\CanUpdateApplicationøøøøø    
AuditAndReporting
\AuditAndReporting\CanGenerateDocumentationø    øøøø
\AuditAndReporting\CanEditEventLogCategoryø        
\AuditAndReporting\CanReadEventLogøøøøøøøøø
Groups
\Groups\CanCreateGroupø    øø  
\Groups\CanReadGroupøøøøøøøøø
\Groups\CanUpdateGroupø    øø  
\Groups\CanDeleteGroupø    øø  
\Groups\CanReadAllGroupsø      ø 
Permissions
\Permissions\CanCreatePermissionøøøøø    
\Permissions\CanDeletePermissionøøøøø    
\Permissions\CanReadPermissionøøøøø  øø
\Permissions\CanUpdatePermissionøøøøø    
Permission Sets
\PermissionSets\CanCreatePermissionSetøøøøø    
\PermissionSets\CanDeletePermissionSetøøøøø    
\PermissionSets\CanReadPermissionSetøøøøø  øø
\PermissionSets\CanUpdatePermissionSetøøøøø    
\PermissionSets\CanGrantRevokePermissionSetsToApplicationRolesøøøøø    
\PermissionSets\CanGrantRevokePermissionSetsToSharedRolesøøøøø    
Repository
\Repository\CanDeleteRepositoryø        
\Repository\CanDeployRepositoryø        
\Repository\CanUpdatePasswordPolicyø        
\Repository\CanUpdateRepositoryø        
Roles
\Roles\CanCreateApplicationRoleøøøøøøø  
\Roles\CanCreateSharedRoleø    øø  
\Roles\CanCreateSystemRoleø       
\Roles\CanDeleteApplicationRoleøøøøøøø  
\Roles\CanDeleteSharedRoleø    øø  
\Roles\CanDeleteSystemRoleø       
\Roles\CanGrantRevokeApplicationRolesToGroupsøøøøøøø  
\Roles\CanGrantRevokeApplicationRolesToUsersøøøøøøø  
\Roles\CanGrantRevokeSharedRolesToGroupsø    øø  
\Roles\CanGrantRevokeSharedRolesToUsersø    øø  
\Roles\CanGrantRevokeSystemRolesToGroupsø        
\Roles\CanGrantRevokeSystemRolesToUsersø        
\Roles\CanReadApplicationRoleøøøøøøøøø
\Roles\CanReadSharedRoleøøøøøøøøø
\Roles\CanReadSystemRoleø    øøøø
\Roles\CanUpdateApplicationRoleøøøøøøø  
\Roles\CanUpdateSharedRoleø    øø  
\Roles\CanUpdateSystemRoleø        
Users
\Users\CanApprovePendingUsersø    øø  
\Users\CanAssignRemoveUsersToGroupsø    øø  
\Users\CanCreateUserø    øø  
\Users\CanDeleteUserø    øø  
\Users\CanLockUnlockUserø    øø  
\Users\CanReadAllUsersø     ø 
\Users\CanReadUserøøøøøøøøø
\Users\CanUpdateUserø    øø  
ADFS
\ADFS\CanCreateADFSServerø        
\ADFS\CanDeleteADFSServerø        
\ADFS\CanUpdateADFSServerø        

Powered By Visual-Guard