Scoped Roles and Permissions
The following table provides a summary of the different permissions provided with each of the scoped roles.
(R) = Restricted based on scope
(T) = Restricted based on resource type
--- = Not applicable
Page | Ruleset Viewer (Scoped Read-Only) | Ruleset Manager | Ruleset Provisioner | Workload Manager | Application Owner (Combined Permissions) |
|---|---|---|---|---|---|
Traffic - Illumination, App Group, Explorer | |||||
Illumination Location Map | --- | --- | --- | --- | --- |
App Group Policy Map | Read (R) | Read (R) | Read (R) | --- | Read (R) |
App Group Vulnerability Map | Read (R) | Read (R) | Read (R) | --- | Read (R) |
App Group List | Read (R) | Read (R) | Read (R) | Read (R) | |
Explorer | Read (R) | Read (R) | Read (R) | --- | Read (R) |
Blocked Traffic | Read (R) | Read (R) | Read (R) | --- | Read (R) |
Policy | |||||
Policy Generator | Read (R) | Read+Write (R) | Read (R) | --- | Read+Write (R) |
Policies | Read (R) | Read+Write (R) | Read (R) | --- | Read+Write (R) |
Rule Search | Read (R) | Read (R) | Read (R) | --- | Read (R) |
Policy Check | Read (R) | Read (R) | Read (R) | --- | Read (R) |
Provisioning Draft Changes | Read (R) | Read (R) | Read+Write (R) | --- | Read+Write (R) |
Policy Versions | Read (R) | Read (R) | Read (R) | --- | Read (R) |
Provisioning Status | Read (R) | Read (R) | Read (R) | --- | Read (R) |
Labeled Objects | |||||
Workloads | Read (R) | Read (R) | Read (R) | Read+Write (R) | Read+Write (R) |
Container Workloads | Read (R) | Read (R) | Read (R) | Read (R) | Read (R) |
Virtual Enforcement Nodes | Read (R) | Read (R) | Read (R) | Read+Write (R) | Read+Write (R) |
Pairing Profiles | --- | --- | --- | Read+Write (R) | Read+Write (R) |
Virtual Services | Read (R) | Read (R) | Read (R) | Read (R) | Read (R) |
Virtual Servers | Read | Read | Read | Read | Read |
Global Policy Objects | |||||
Services | Read | Read | Read | Read | Read |
IP Lists | Read | Read | Read | Read | Read |
User Groups | Read | Read | Read | Read | Read |
Labels | Read | Read | Read | Read | Read |
Label Groups | Read | Read | Read | Read | Read |
Settings | |||||
Segmentation Templates | --- | --- | --- | --- | --- |
Role-Based Access Global Roles | --- | --- | --- | --- | --- |
Role-Based Access Scoped Roles | --- | --- | --- | --- | --- |
Role-Based Access Users and Groups | --- | --- | --- | --- | --- |
Role-Based Access User Activity | --- | --- | --- | --- | --- |
Load Balancers | --- | --- | --- | --- | --- |
Container Clusters | --- | --- | --- | --- | --- |
Bi-directional Routing Networks | --- | --- | --- | --- | --- |
Event Settings | --- | --- | --- | --- | --- |
Setting Security | --- | --- | --- | --- | --- |
Setting Single Sign-On | --- | --- | --- | --- | --- |
Setting Password Policy | --- | --- | --- | --- | --- |
Setting Offline Timers | --- | --- | --- | --- | --- |
VEN Library | --- | --- | --- | Read | Read |
My Profile | Read+Write | Read+Write | Read+Write | Read+Write | Read+Write |
My API Keys | Read+Write | Read+Write | Read+Write | Read+Write | Read+Write |
Other | |||||
Support Reports | --- | --- | --- | Read+Write (R) | Read+Write (R) |
Events | --- | --- | --- | --- | --- |
Reports | Read (R, T) | Read (R, T) | Read (R, T) | Read (R, T) | Read (R) |
Support | Read | Read | Read | Read | Read |
PCE Health | --- | --- | --- | --- | --- |
Product Version | Read | Read | Read | Read | Read |
Help | Read | Read | Read | Read | Read |
Terms | Read | Read | Read | Read | Read |
Privacy | Read | Read | Read | Read | Read |
Patents | Read | Read | Read | Read | Read |
About Illumio | Read | Read | Read | Read | Read |