Docly

permission matrix

Estimated reading: 3 minutes 109 views

Visual Guard offers 9 predefined roles to the user. Depending on the user role the amount of access to applications, groups, roles and users will be defined.
The matrix defined below defines the permissions associated with each role.

Master AdminDeveloperRestricted DeveloperDeveloper DeployerRestricted Developer DeployerUser AdminRestricted User AdminAuditorRestricted Auditor
Applicationsø
\Applications\CanCreateApplicationø        
\Applications\CanDeleteApplicationø        
\Applications\CanDeployApplicationø  øø    
\Applications\CanReadAllApplicationsøø ø ø ø 
\Applications\CanReadApplicationøøøøøøøøø
\Applications\CanUpdateApplicationøøøøø    
AuditAndReporting
\AuditAndReporting\CanGenerateDocumentationø    øøøø
\AuditAndReporting\CanEditEventLogCategoryø        
\AuditAndReporting\CanReadEventLogøøøøøøøøø
Groups
\Groups\CanCreateGroupø    øø  
\Groups\CanReadGroupøøøøøøøøø
\Groups\CanUpdateGroupø    øø  
\Groups\CanDeleteGroupø    øø  
\Groups\CanReadAllGroupsø      ø 
Permissions
\Permissions\CanCreatePermissionøøøøø    
\Permissions\CanDeletePermissionøøøøø    
\Permissions\CanReadPermissionøøøøø  øø
\Permissions\CanUpdatePermissionøøøøø    
Permission Sets
\PermissionSets\CanCreatePermissionSetøøøøø    
\PermissionSets\CanDeletePermissionSetøøøøø    
\PermissionSets\CanReadPermissionSetøøøøø  øø
\PermissionSets\CanUpdatePermissionSetøøøøø    
\PermissionSets\CanGrantRevokePermissionSetsToApplicationRolesøøøøø    
\PermissionSets\CanGrantRevokePermissionSetsToSharedRolesøøøøø    
Repository
\Repository\CanDeleteRepositoryø        
\Repository\CanDeployRepositoryø        
\Repository\CanUpdatePasswordPolicyø        
\Repository\CanUpdateRepositoryø        
Roles
\Roles\CanCreateApplicationRoleøøøøøøø  
\Roles\CanCreateSharedRoleø    øø  
\Roles\CanCreateSystemRoleø       
\Roles\CanDeleteApplicationRoleøøøøøøø  
\Roles\CanDeleteSharedRoleø    øø  
\Roles\CanDeleteSystemRoleø       
\Roles\CanGrantRevokeApplicationRolesToGroupsøøøøøøø  
\Roles\CanGrantRevokeApplicationRolesToUsersøøøøøøø  
\Roles\CanGrantRevokeSharedRolesToGroupsø    øø  
\Roles\CanGrantRevokeSharedRolesToUsersø    øø  
\Roles\CanGrantRevokeSystemRolesToGroupsø        
\Roles\CanGrantRevokeSystemRolesToUsersø        
\Roles\CanReadApplicationRoleøøøøøøøøø
\Roles\CanReadSharedRoleøøøøøøøøø
\Roles\CanReadSystemRoleø    øøøø
\Roles\CanUpdateApplicationRoleøøøøøøø  
\Roles\CanUpdateSharedRoleø    øø  
\Roles\CanUpdateSystemRoleø        
Users
\Users\CanApprovePendingUsersø    øø  
\Users\CanAssignRemoveUsersToGroupsø    øø  
\Users\CanCreateUserø    øø  
\Users\CanDeleteUserø    øø  
\Users\CanLockUnlockUserø    øø  
\Users\CanReadAllUsersø     ø 
\Users\CanReadUserøøøøøøøøø
\Users\CanUpdateUserø    øø  
ADFS
\ADFS\CanCreateADFSServerø        
\ADFS\CanDeleteADFSServerø        
\ADFS\CanUpdateADFSServerø        

Leave a Comment

Share this Doc
CONTENTS