Roles and permissions#

A number of roles are defined in the product that can be assigned to a user or group. Roles set boundaries on activities that a user or group member can perform.

Roles are assigned to users and groups within the team context. Users or groups are assigned to a team with a specific role. The role assigned to a user is only for the team that the user is a member. A user can be a member of multiple teams and have a different role on each.

The interlocking concept of teams, roles, and permissions ensures that users have the appropriate permissions to perform their work and not affect processes outside of their assigned scope. The interaction of these three concepts provides the mechanisms to create an infrastructure that is secure and flexible.

There are two types of roles, global and team. Global roles provide permissions to access all resources of the product. Team specific roles provide permissions to access team specific resources of the product. Users with team specific roles can view only the resources associated with that team.

You can customize the roles using the following procedure.

  1. On the HCL™ Accelerate dashboard, click Settings Settings icon, and then click Authorization > Roles.
  2. On the Roles page, click Create role.
  3. In the Name field, enter the name for the role.
  4. In the Description field, enter the description for the role.
  5. In the Scope field, select the scope for the role.

    Note: The possible values for the scope of the roles are global and team.

  6. In the Permissions field, select the required action under each resources.

  7. Click Save.

Note: The users with Team manager (global) and Product administrator role can create roles.

You can assign members to global roles using the following procedure.

  1. Click Assign members to assign members to roles.
  2. In the Members field, enter or select the member to assign the roles.
  3. Click Save.

You can use Edit roles to edit roles and Delete roles to delete roles.

The roles with label Custom are customized roles. The roles with label static are system generated roles. Static roles cannot be modified or deleted.

Note: Until new users are assigned to teams, they are automatically assigned to the Default team in the Viewer (team) role. Users in these roles can view resources, such as releases and value streams, but they cannot create or edit them. Additionally, users in these roles can generate user access tokens and access API endpoints with GET requests. Administrators grant users elevated permissions when they assign them to roles such as Lead Developer or Release Manager.

The following tables show the available roles.

Note: For each of the roles, the underlying resources and permissions are also scoped as team or global.

Table 1. Calender manager

Resource Action Description
Calender View, Create, Edit, Delete View, create, edit, and delete calender settings.

Table 2. Developer (team)

Resource Action Description
Dashboard View view team specific dashboards.
Deployment plans View View deployment plans.
Pipeline environment Run Run team specific deployment in pipelines.
Releases View View team specific releases.
Reports View view team specific reports.
Tasks Create, Edit, Delete, Run Create, edit, run, and delete team specific tasks.
Value streams View View team specific value streams and pipelines.

Table 3. Insights manager (global)

Resource Action Description
Dashboard View, Create, Edit, Delete View, create, edit, and delete dashboards.
Reports View, Create, Run View, create, and run reports.
Value stream View View value streams and pipelines.

Table 4. Insights viewer

Resource Action Description
Dashboard View View dashboards
Reports View View reports.
Value stream View View value streams and pipelines.

Table 5. Lead developer (team)

Resource Action Description
Dashboard View View dashboards.
Deployment plans View, Create, Edit, Archive, Restore View, create, edit, archive, and restore deployment plans.
Deployment templates Create, Edit Create and edit deployment templates.
Pipeline applications Create, Edit, Delete Create, edit, and delete pipeline applications.
Pipeline environment Create, Edit, Delete, Run Create, edit, and delete pipelines environments. Run deployment in pipeline environments.
Pipeline gates Edit, Delete, Approve, Override Edit, delete, approve, and override pipeline gates.
Releases View, Create, Edit, Archive, Restore View, create, edit, archive, and restore releases.
Reports View, Create, Run View, create, and run reports.
Tasks Create, Edit, Delete, Run Create, edit, delete and run task.
Value streams View, Create View and create value streams. View pipelines.

Table 6. Lead release manager

Resource Action Description
Deployment plans View, Create, Edit, Archive, Restore View, create, edit, archive and restore deployment plans.
Deployment plan templates Create, Edit Create and edit deployment plan templates.
Gates Approve, Override Approve and override team specific gates.
Pipeline environment Run Run deployment in team specifc pipeline environments.
Releases View, Create, Edit, Lock, Unlock Archive, Restore View, create, edit, lock, unlock, archive, and restore team specific releases.
Tasks Create, Edit, Delete, Run Create, edit, delete, and run team specific tasks.
Teams View, Add member, Remove member View specific teams. Add and remove members to specific teams.
Value streams View View team specific value streams and pipelines.

Table 7. Pipeline designer (team)

Resource Action Description
Deployment plans View, Create, Edit View, create, and edit team specific deployment plans.
Deployment templates Create, Edit Create and edit deployment templates.
Gates Edit, Delete Edit and delete team specific pipeline gates.
Pipeline applications Create, Edit, Delete Create, edit, and delete team specific pipeline applications.
Pipeline environment Create, Edit, Delete, Run Create, edit, and delete team specific pipelines environments. Run deployment in team specific pipeline environments.
Releases View, Create, Edit, Archive, Restore View, create, edit, archive, and restore team specific releases.
Tasks Create, Edit, Delete Create, edit, and delete team specific tasks.
Value streams View, Create View and create team specific value streams. View pipelines.

Table 8. Pipeline executor (team)

Resource Action Description
Pipeline environment Run Run deployment in team specific pipeline environments.
Value streams View View team specific value streams and pipelines.

Table 9. Product administrator

Resource Action Description
Account settings View, Edit View and edit account settings.
Authentication settings View, Create, Edit, Delete View, create, edit and delete authentication settings.
Calender settings View, Create, Edit, Delete View, create, edit, and delete calender settings.
Email server settings View, Edit View and edit email server settings.
Groups View, Create, Edit, Delete, Add member, Remove member, Add role, Remove role View, create, edit, and delete groups. Add and remove members to groups. Add and remove roles to groups.
Integrations View, Create, Edit, Delete, Upgrade View, create, edit, delete, and upgrade plugin integrations.
Plugins View, Create, Edit, Delete, Install, Download View, create, edit, delete, install, and download plugins.
Roles View, Create, Edit, Delete View, create, edit, and delete roles.
Teams View, Create, Edit, Delete, Add role, Remove role, Add member, Remove member View, create, edit, and delete teams. Add and remove members to teams. Add and remove roles to teams.
Users View, Create, Edit, Delete, Add role, Remove role, Add access key, Remove access key View, create, edit, and delete users. Add and remove roles to teams. Add and remove access key to users.

Table 10. Release executor

Resource Action Description
Deployment plans View View team specific deployment plans.
Releases View View team specific releases.
Tasks Run Run team specific tasks.

Table 11. Release manager (team)

Resource Action Description
Deployment plans View, Create, Edit, Archive, Restore View, create, edit, archive, and restore team specific deployment plans.
Deployment plan templates Create, Edit Create and edit deployment plan templates.
Gates Approve, Override Approve and override team specific gates.
Pipeline environment Run Run deployment in team specific pipelines.
Releases View, Create, Edit, Lock, Unlock Archive, Restore View, create, edit, lock, unlock, archive, and restore team specific releases.
Tasks Create, Edit, Delete, Run Create, edit, delete, and run team specific tasks.
Value stream View View team specific value streams and pipelines.

Table 12. Release participant (team)

Resource Action Description
Deployment plans View View team specific deployment plans.
Releases View View team specific releases.
Tasks Create, Edit, Delete, Run Create, edit, delete, and run team specific tasks.
Value streams View View team specific value streams and pipelines.

Table 13. Team manager (team)

Resource Action Description
Teams View, Create, Edit, Delete, Add role, Remove role, Add member, Remove member View, create, edit, and delete teams. Add and remove members to teams. Add and remove roles to teams.

Table 14. Team manager (global)

Resource Action Description
Groups View, Create, Edit, Delete, Add member, Remove member View, create, edit, and delete groups. Add and remove members to groups.
Roles View, Create, Edit, Delete View, create, edit, and delete roles.
Teams View, Create, Edit, Delete, Add role, Remove role, Add member, Remove member View, create, edit, and delete teams. Add and remove members to teams. Add and remove roles to teams.
Users View, Add role, Remove role View users. Add and remove roles to users.

Table 15. Value stream manager

Resource Action Description
Value stream View, Create, Edit, Design, Delete View, create, edit, design, and delete team specific value streams and pipelines.

Table 16. Value stream viewer

Resource Action Description
Value stream View View team specific value streams and pipelines.

Table 17. Viewer (global)

Resource Actions Description
Account settings View View account settings.
Authentication settings View View authentication settings.
Calender View View calender settings.
Dashboard View View dashboards.
Email server settings View View email server settings.
Groups View View all groups.
Integrations View View configured plugin integrations.
Plugins View, Upgrade, Load plugin View, upgrade, and load available plugins.
Releases View View releases, deployment template, and deployment plans.
Reports View View reports.
Roles View View all user roles.
Teams View View all teams.
Users View View all users.
Value streams View UI objects such as deployment plans and value streams. Create user access token.

Table 18. Viewer (team)

Resource Action Description
Authentication settings View View team specific authentication settings.
Calender settings View View calender settings.
Dashboard View View team specific dashboards
Email server settings View View email server settings.
Groups View View team specific groups.
Integrations View View configured plugin integrations.
Plugins View, Upgrade, Load plugin View, upgrade, and load available plugins.
Releases View View team specific releases, deployment templates, and deployment plans.
Reports View View team specific reports.
Roles View View team specific roles.
Teams View View specific teams.
Users View View specific team users.
Value streams View View team specific value streams and pipelines.

Parent topic: Security