From e693d4b3ab018d4208d926915c023bfbf19e6451 Mon Sep 17 00:00:00 2001 From: Josh Lucas Date: Thu, 17 Apr 2025 15:29:43 -0400 Subject: [PATCH 1/3] Add new tables for user admin and cluster connection admin predefined roles --- calico-cloud/users/user-management.mdx | 46 ++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/calico-cloud/users/user-management.mdx b/calico-cloud/users/user-management.mdx index a15be854a..f990a5dc5 100644 --- a/calico-cloud/users/user-management.mdx +++ b/calico-cloud/users/user-management.mdx @@ -62,6 +62,52 @@ The Admin role provides broad administrative access for day-to-day configuration | Container Threat Detection | view, edit | | Dashboards | view, edit | +### User Admin + +The User Admin role has the ability to manage team members and their assigned roles $[prodname]. + +| Feature | Permission Level | +| :------------------------------ | :----------------- | +| Service Graph and Flow Visualizer | - | +| Policies | - | +| Nodes and Endpoints | - | +| Network Sets | - | +| Managed Clusters | - | +| Compliance Reports | - | +| Timeline | - | +| Alerts | - | +| Kibana | - | +| Image Assurance | - | +| Manage Team | view, edit, delete | +| Usage Metrics | - | +| Threat Feeds | - | +| Web Application Firewall | - | +| Container Threat Detection | - | +| Dashboards | - | + +### Cluster Connection Admin + +The Cluster Connection Admin role has administrative capabilities of managed clusters $[prodname]. + +| Feature | Permission Level | +| :------------------------------ | :----------------- | +| Service Graph and Flow Visualizer | - | +| Policies | - | +| Nodes and Endpoints | - | +| Network Sets | - | +| Managed Clusters | view, edit, delete | +| Compliance Reports | - | +| Timeline | - | +| Alerts | - | +| Kibana | - | +| Image Assurance | - | +| Manage Team | - | +| Usage Metrics | - | +| Threat Feeds | - | +| Web Application Firewall | - | +| Container Threat Detection | - | +| Dashboards | - | + ### Viewer The Viewer role provides read-only access to most operational and configuration data within $[prodname]. Ideal for users who need visibility without making changes. From 52b01445b1c62bdae401615317262f5f115d034e Mon Sep 17 00:00:00 2001 From: Josh Lucas Date: Thu, 17 Apr 2025 15:57:01 -0400 Subject: [PATCH 2/3] Fixes --- calico-cloud/users/user-management.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/calico-cloud/users/user-management.mdx b/calico-cloud/users/user-management.mdx index f990a5dc5..d997b9870 100644 --- a/calico-cloud/users/user-management.mdx +++ b/calico-cloud/users/user-management.mdx @@ -64,7 +64,7 @@ The Admin role provides broad administrative access for day-to-day configuration ### User Admin -The User Admin role has the ability to manage team members and their assigned roles $[prodname]. +The User Admin role has the ability to manage team members and their assigned roles. | Feature | Permission Level | | :------------------------------ | :----------------- | @@ -87,7 +87,7 @@ The User Admin role has the ability to manage team members and their assigned ro ### Cluster Connection Admin -The Cluster Connection Admin role has administrative capabilities of managed clusters $[prodname]. +The Cluster Connection Admin role has administrative capabilities of managed clusters. | Feature | Permission Level | | :------------------------------ | :----------------- | From bc012521cd2a7b7d36dff1861d7f80216ef269c2 Mon Sep 17 00:00:00 2001 From: Josh Lucas Date: Mon, 21 Apr 2025 11:27:11 -0400 Subject: [PATCH 3/3] PR feedback --- calico-cloud/users/user-management.mdx | 2 +- .../version-21-1/users/user-management.mdx | 46 +++++++++++++++++++ 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/calico-cloud/users/user-management.mdx b/calico-cloud/users/user-management.mdx index d997b9870..9069cb9ce 100644 --- a/calico-cloud/users/user-management.mdx +++ b/calico-cloud/users/user-management.mdx @@ -78,7 +78,7 @@ The User Admin role has the ability to manage team members and their assigned ro | Alerts | - | | Kibana | - | | Image Assurance | - | -| Manage Team | view, edit, delete | +| Manage Team | view, edit | | Usage Metrics | - | | Threat Feeds | - | | Web Application Firewall | - | diff --git a/calico-cloud_versioned_docs/version-21-1/users/user-management.mdx b/calico-cloud_versioned_docs/version-21-1/users/user-management.mdx index a15be854a..9069cb9ce 100644 --- a/calico-cloud_versioned_docs/version-21-1/users/user-management.mdx +++ b/calico-cloud_versioned_docs/version-21-1/users/user-management.mdx @@ -62,6 +62,52 @@ The Admin role provides broad administrative access for day-to-day configuration | Container Threat Detection | view, edit | | Dashboards | view, edit | +### User Admin + +The User Admin role has the ability to manage team members and their assigned roles. + +| Feature | Permission Level | +| :------------------------------ | :----------------- | +| Service Graph and Flow Visualizer | - | +| Policies | - | +| Nodes and Endpoints | - | +| Network Sets | - | +| Managed Clusters | - | +| Compliance Reports | - | +| Timeline | - | +| Alerts | - | +| Kibana | - | +| Image Assurance | - | +| Manage Team | view, edit | +| Usage Metrics | - | +| Threat Feeds | - | +| Web Application Firewall | - | +| Container Threat Detection | - | +| Dashboards | - | + +### Cluster Connection Admin + +The Cluster Connection Admin role has administrative capabilities of managed clusters. + +| Feature | Permission Level | +| :------------------------------ | :----------------- | +| Service Graph and Flow Visualizer | - | +| Policies | - | +| Nodes and Endpoints | - | +| Network Sets | - | +| Managed Clusters | view, edit, delete | +| Compliance Reports | - | +| Timeline | - | +| Alerts | - | +| Kibana | - | +| Image Assurance | - | +| Manage Team | - | +| Usage Metrics | - | +| Threat Feeds | - | +| Web Application Firewall | - | +| Container Threat Detection | - | +| Dashboards | - | + ### Viewer The Viewer role provides read-only access to most operational and configuration data within $[prodname]. Ideal for users who need visibility without making changes.