Roles and permissions#
A number of roles are defined in the product that can be assigned to a user or group. Roles set boundaries on activities that a user or group member can perform.
Roles are assigned to users and groups within the team context. Users or groups are assigned to a team with a specific role. The role assigned to a user is only for the team that the user is a member. A user can be a member of multiple teams and have a different role on each.
The interlocking concept of teams, roles, and permissions ensures that users have the appropriate permissions to perform their work and not affect processes outside of their assigned scope. The interaction of these three concepts provides the mechanisms to create an infrastructure that is secure and flexible.
There are two types of roles, global and team. Global roles provide permissions to access all resources of the product. Team specific roles provide permissions to access team specific resources of the product. Users with team specific roles can view only the resources associated with that team.
You can customize the roles using the following procedure.
- On the HCL™ Accelerate dashboard, click Settings
, and then click Authorization > Roles. - On the Roles page, click Create role.
- In the Name field, enter the name for the role.
- In the Description field, enter the description for the role.
-
In the Scope field, select the scope for the role.
Note: The possible values for the scope of the roles are global and team.
-
In the Permissions field, select the required action under each resources.
- Click Save.
Note: The users with Team manager (global) and Product administrator role can create roles.
You can assign members to global roles using the following procedure.
- Click
to assign members to roles. - In the Members field, enter or select the member to assign the roles.
- Click Save.
You can use 
to edit roles and 
to delete roles.
The roles with label Custom are customized roles. The roles with label static are system generated roles. Static roles cannot be modified or deleted.
Note: Until new users are assigned to teams, they are automatically assigned to the Default team in the Viewer (team) role. Users in these roles can view resources, such as releases and value streams, but they cannot create or edit them. Additionally, users in these roles can generate user access tokens and access API endpoints with GET requests. Administrators grant users elevated permissions when they assign them to roles such as Lead Developer or Release Manager.
The following tables show the available roles.
Note: For each of the roles, the underlying resources and permissions are also scoped as team or global.
Table 1. Calender manager
| Resource | Action | Description |
|---|---|---|
| Calender | View, Create, Edit, Delete | View, create, edit, and delete calender settings. |
Table 2. Developer (team)
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View | View deployment plans. |
| Pipeline environment | Run | Run team specific deployment in pipelines. |
| Releases | View | View team specific releases. |
| Tasks | Create, Edit, Delete, Run | Create, edit, run, and delete team specific tasks. |
| Value streams | View | View team specific value streams and pipelines. |
Table 3. Insights manager (global)
| Resource | Action | Description |
|---|---|---|
| Dashboard | View, Create, Edit, Delete | View, create, edit, and delete dashboards. |
| Reports | View, Create, Run | View, create, and run reports. |
| Value streams | View | View value streams and pipelines. |
Table 4. Insights viewer
| Resource | Action | Description |
|---|---|---|
| Dashboard | View | View dashboards |
| Reports | View | View reports. |
| Value streams | View | View value streams and pipelines. |
Table 5. Lead developer (team)
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View, Create, Edit, Archive, Restore | View, create, edit, archive, and restore deployment plans. |
| Deployment templates | Create, Edit | Create and edit deployment templates. |
| Pipeline applications | Create, Edit, Delete | Create, edit, and delete pipeline applications. |
| Pipeline environment | Create, Edit, Delete, Override, Run | Create, edit, delete, and override pipelines environments. Run deployment in pipeline environments. |
| Pipeline gates | Edit, Delete, Approve, Override | Edit, delete, approve, and override pipeline gates. |
| Releases | View, Create, Edit, Archive, Restore | View, create, edit, archive, and restore releases. |
| Reports | View, Create, Run | View, create, and run reports. |
| Tasks | Create, Edit, Delete, Run | Create, edit, delete and run task. |
| Value streams | View, Create | View and create value streams. View pipelines. |
Table 6. Lead release manager
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View, Create, Edit, Archive, Restore | View, create, edit, archive and restore deployment plans. |
| Deployment plan templates | Create, Edit | Create and edit deployment plan templates. |
| Gates | Approve, Override | Approve and override team specific gates. |
| Pipeline environment | Run | Run deployment in team specifc pipeline environments. |
| Releases | View, Create, Edit, Lock, Unlock Archive, Restore | View, create, edit, lock, unlock, archive, and restore team specific releases. |
| Tasks | Create, Edit, Delete, Run | Create, edit, delete, and run team specific tasks. |
| Teams | View, Add member, Remove member | View specific teams. Add and remove members to specific teams. |
| Value streams | View | View team specific value streams and pipelines. |
Table 7. Pipeline designer (team)
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View, Create, Edit | View, create, and edit team specific deployment plans. |
| Deployment templates | Create, Edit | Create and edit deployment templates. |
| Gates | Edit, Delete | Edit and delete team specific pipeline gates. |
| Pipeline applications | Create, Edit, Delete | Create, edit, and delete team specific pipeline applications. |
| Pipeline environment | Create, Edit, Override, Delete, Run | Create, edit, and delete team specific pipelines environments. Run deployment in team specific pipeline environments. |
| Releases | View, Create, Edit, Archive, Restore | View, create, edit, archive, and restore team specific releases. |
| Tasks | Create, Edit, Delete | Create, edit, and delete team specific tasks. |
| Value streams | View, Create | View and create team specific value streams. View pipelines. |
Table 8. Pipeline executor (team)
| Resource | Action | Description |
|---|---|---|
| Pipeline environment | Run | Run deployment in team specific pipeline environments. |
| Value streams | View | View team specific value streams and pipelines. |
Table 9. Product administrator
| Resource | Action | Description |
|---|---|---|
| Account settings | View, Edit | View and edit account settings. |
| Authentication settings | View, Create, Edit, Delete | View, create, edit, and delete authentication settings. |
| Calender settings | View, Create, Edit, Delete | View, create, edit, and delete calender settings. |
| Dashboard | View, Create, Edit, Delete | View, create, edit, and delete dashboards. |
| Deployment plans | View, Create, Edit, Archive, Restore | View, create, edit, archive, and restore deployment plans. |
| Deployment templates | Create, Edit | Create and edit deployment templates. |
| Email server settings | View, Edit | View and edit email server settings. |
| Gates | Edit, Delete, Approve, Override | Edit, delete, approve, and override pipeline gates. |
| Groups | View, Create, Edit, Delete, Add member, Remove member, Add role, Remove role | View, create, edit, and delete groups. Add and remove members to groups. Add and remove roles to groups. |
| Integrations | View, Create, Edit, Delete, Upgrade | View, create, edit, delete, and upgrade plugin integrations. |
| Pipeline applications | Create, Edit, Delete | Create, edit, and delete pipeline applications. |
| Pipeline environment | Create, Edit, Override, Delete, Run | Create, edit, override, delete, and run pipeline environments. |
| Plugins | View, Create, Edit, Delete, Install, Download | View, create, edit, delete, install, and download plugins. |
| Releases | View, Create, Edit, Lock, Unlock Archive, Restore | View, create, edit, lock, unlock, archive, and restore releases. |
| Reports | View, Create, Run | View, create, and run reports. |
| Roles | View, Create, Edit, Delete | View, create, edit, and delete roles. |
| Tasks | Create, Edit, Delete, Run | Create, edit, delete, and run tasks. |
| Teams | View, Create, Edit, Delete, Add role, Remove role, Add member, Remove member | View, create, edit, and delete teams. Add and remove members to teams. Add and remove roles to teams. |
| Users | View, Create, Edit, Delete, Add role, Remove role, Add access key, Remove access key | View, create, edit, and delete users. Add and remove roles to teams. Add and remove access key to users. |
| Value streams | View, Create, Edit, Delete, Design | View, create, edit, delete, and design value streams. |
Table 10. Release executor
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View | View team specific deployment plans. |
| Releases | View | View team specific releases. |
| Tasks | Run | Run team specific tasks. |
Table 11. Release manager (team)
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View, Create, Edit, Archive, Restore | View, create, edit, archive, and restore team specific deployment plans. |
| Deployment plan templates | Create, Edit | Create and edit deployment plan templates. |
| Gates | Approve, Override | Approve and override team specific gates. |
| Pipeline environment | Run | Run deployment in team specific pipelines. |
| Releases | View, Create, Edit, Lock, Unlock Archive, Restore | View, create, edit, lock, unlock, archive, and restore team specific releases. |
| Tasks | Create, Edit, Delete, Run | Create, edit, delete, and run team specific tasks. |
| Value stream | View | View team specific value streams and pipelines. |
Table 12. Release participant (team)
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View | View team specific deployment plans. |
| Releases | View | View team specific releases. |
| Tasks | Create, Edit, Delete, Run | Create, edit, delete, and run team specific tasks. |
Table 13. Team manager (team)
| Resource | Action | Description |
|---|---|---|
| Teams | View, Edit, Delete, Add role, Remove role, Add member, Remove member | View, edit, and delete teams. Add and remove members to teams. Add and remove roles to teams. |
Table 14. Team manager (global)
| Resource | Action | Description |
|---|---|---|
| Teams | View, Create, Edit, Delete, Add role, Remove role, Add member, Remove member | View, create, edit, and delete teams. Add and remove members to teams. Add and remove roles to teams. |
Table 15. Value stream manager
| Resource | Action | Description |
|---|---|---|
| Value streams | View, Create, Edit, Design, Delete | View, create, edit, design, and delete team specific value streams and pipelines. |
Table 16. Value stream viewer
| Resource | Action | Description |
|---|---|---|
| Value streams | View | View team specific value streams and pipelines. |
Table 17. Viewer (global)
| Resource | Actions | Description |
|---|---|---|
| Account settings | View | View account settings. |
| Authentication settings | View | View authentication settings. |
| Calender | View | View calender settings. |
| Dashboard | View | View dashboards. |
| Deployment plans | View | View deployment plans. |
| Email server settings | View | View email server settings. |
| Groups | View | View all groups. |
| Integrations | View | View configured plugin integrations. |
| Plugins | View, Upgrade, Load plugin | View, upgrade, and load available plugins. |
| Releases | View | View releases. |
| Reports | View | View reports. |
| Roles | View | View all user roles. |
| Teams | View | View all teams. |
| Users | View | View all users. |
| Value streams | View | UI objects such as deployment plans and value streams. Create user access token. |
Table 18. Viewer (team)
| Resource | Action | Description |
|---|---|---|
| Deployment plans | View | View deployment plans. |
| Releases | View | View team specific releases. |
| Teams | View | View specific teams. |
| Value streams | View | View team specific value streams and pipelines. |
Parent topic: Security