You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/current/_includes/cockroachcloud/org-roles/folder-admin.md
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -1,4 +1,4 @@
1
-
The {% if page.name == 'authorization.md' %}**Folder Admin**{% else %}[**Folder Admin**]({% link cockroachcloud/authorization.md %}#folder-admin){% endif %} role is granted permissions to create, rename, and move, or delete folders where they are granted the role, and they can also manage access to these folders. They can also [edit folder labels]({% link cockroachcloud/labels.md %}). This role can be granted at the level of the organization or on a specific folder. If granted at the level of the organization, the role grants the ability to view all users and service accounts in the organization. If granted on a specific folder, the role is inherited by descendant folders.
1
+
The {% if page.name == 'authorization.md' %}**Folder Admin**{% else %}[**Folder Admin**]({% link cockroachcloud/authorization.md %}#folder-admin){% endif %} role grants permissions to create, rename, and move, or delete folders where they are granted the role, and they can also manage access to these folders. They can also [edit folder labels]({% link cockroachcloud/labels.md %}). This role can be granted at the level of the organization or on a specific folder. If granted at the level of the organization, the role grants the ability to view all users and service accounts in the organization. If granted on a specific folder, the role is inherited by descendant folders.
2
2
3
3
A user with the {% if page.name == 'authorization.md' %}[Organization Admin](#organization-admin){% else %}[Organization Admin]({% link cockroachcloud/authorization.md %}#organization-admin){% endif %} role can grant themselves, another user, or a service account the Folder Admin role.
Copy file name to clipboardExpand all lines: src/current/_includes/cockroachcloud/org-roles/folder-mover.md
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -1,4 +1,4 @@
1
-
The {% if page.name == 'authorization.md' %}**Folder Mover**{% else %}[**Folder Mover**]({% link cockroachcloud/authorization.md %}#folder-mover){% endif %} role is granted permission to rename or move descendant folders, and can move clusters within the folder hierarchy where they have the role. However, a Folder Mover cannot create or delete folders or clusters, and cannot assign roles. A Folder Mover can move clusters within the folder hierarchy even if they do not have a role that allows them to connect to the cluster, such as {% if page.name == 'authorization.md' %}[Cluster Creator](#cluster-creator) or [Cluster Operator](#cluster-operator){% else %}[Cluster Admin]({% link cockroachcloud/authorization.md %}#cluster-admin) or [Cluster Operator]({% link cockroachcloud/authorization.md %}#cluster-operator{% endif %}).
1
+
The {% if page.name == 'authorization.md' %}**Folder Mover**{% else %}[**Folder Mover**]({% link cockroachcloud/authorization.md %}#folder-mover){% endif %} role grants permissions to rename or move descendant folders, and can move clusters within the folder hierarchy where they have the role. However, a Folder Mover cannot create or delete folders or clusters, and cannot assign roles. A Folder Mover can move clusters within the folder hierarchy even if they do not have a role that allows them to connect to the cluster, such as {% if page.name == 'authorization.md' %}[Cluster Creator](#cluster-creator) or [Cluster Operator](#cluster-operator){% else %}[Cluster Admin]({% link cockroachcloud/authorization.md %}#cluster-admin) or [Cluster Operator]({% link cockroachcloud/authorization.md %}#cluster-operator{% endif %}).
Copy file name to clipboardExpand all lines: src/current/cockroachcloud/authorization.md
+5-5Lines changed: 5 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -64,11 +64,11 @@ This role can be assigned only at the organization scope.
64
64
65
65
### Billing Coordinator
66
66
67
-
The **Billing Coordinator** role is granted permissions to [manage billing for that organization]({% link cockroachcloud/billing-management.md %}) through the CockroachDB {{ site.data.products.cloud }} console billing page at [`https://cockroachlabs.cloud/billing/overview`](https://cockroachlabs.cloud/billing/overview).
67
+
The **Billing Coordinator** role grants permissions to [manage billing for that organization]({% link cockroachcloud/billing-management.md %}) through the CockroachDB {{ site.data.products.cloud }} console billing page at [`https://cockroachlabs.cloud/billing/overview`](https://cockroachlabs.cloud/billing/overview).
68
68
69
69
### Cluster Operator
70
70
71
-
The **Cluster Operator** role is granted permissions that are dependent on whether it is assigned to a user or a service account.
71
+
The **Cluster Operator** role grants permissions that are dependent on whether it is assigned to a user or a service account.
72
72
73
73
-*Users* with this role can perform the following *console operations*:
74
74
@@ -110,7 +110,7 @@ This role can be granted at the scope of the organization, on an individual clus
110
110
111
111
### Cluster Admin
112
112
113
-
The **Cluster Admin** role is granted all of the [Cluster Operator](#cluster-operator) permissions, as well as the following:
113
+
The **Cluster Admin** role grants all of the [Cluster Operator](#cluster-operator) permissions, as well as the following:
114
114
115
115
-[Provision SQL users for a cluster using the console]({% link cockroachcloud/managing-access.md %}#create-a-sql-user).
116
116
-[Create Service Accounts]({% link cockroachcloud/managing-access.md %}#change-a-team-members-role).
@@ -124,13 +124,13 @@ This role can be granted at the scope of the organization, on an individual clus
124
124
125
125
### Cluster Creator
126
126
127
-
The **Cluster Creator** role is granted permission to create clusters in an organization. A cluster's creator is automatically granted the [Cluster Admin](#cluster-admin) role for that cluster upon creation.
127
+
The **Cluster Creator** role grants permissions to create clusters in an organization. A cluster's creator is automatically granted the [Cluster Admin](#cluster-admin) role for that cluster upon creation.
128
128
129
129
This role can be granted at the scope of the organization or on a folder. If granted on a folder, it is inherited on the folder's clusters, descendent folders, and their descendants.
130
130
131
131
### Cluster Developer
132
132
133
-
The **Cluster Developer** role is granted permission to view cluster details and access the [DB Console]({% link cockroachcloud/network-authorization.md %}#db-console), allowing them to [export a connection string from the cluster page UI]({% link cockroachcloud/authentication.md %}#the-connection-string), although they will still need a Cluster Admin to [provision their SQL credentials]({% link cockroachcloud/managing-access.md %}#manage-sql-users-on-a-cluster) for the cluster.
133
+
The **Cluster Developer** role grants permissions to view cluster details and access the [DB Console]({% link cockroachcloud/network-authorization.md %}#db-console), allowing them to [export a connection string from the cluster page UI]({% link cockroachcloud/authentication.md %}#the-connection-string), although they will still need a Cluster Admin to [provision their SQL credentials]({% link cockroachcloud/managing-access.md %}#manage-sql-users-on-a-cluster) for the cluster.
134
134
135
135
This role can be granted at the scope of the organization, on an individual cluster, or on a folder. If granted on a folder, it is inherited on the folder's clusters, descendent folders, and their descendants.
0 commit comments