{ "SYSTEM": { "SUPER_ADMIN": [ "ops_star.all" ], "PARTNER_ADMIN": [ "ops_star.all" ] }, "ORGANIZATION": { "ADMIN": [ "user.read", "user.write", "user.keys.write", "group.read", "group.write", "console.all", "account.read", "registryauthkey.read", "registryauthkey.write", "certificate.read", "project.certificate.read", "certificate.write", "project.certificate.write", "namespace.read", "project.namespace.read", "project.namespace.customer.read", "namespace.write", "project.namespace.write", "project.namespace.customer.write", "partnerdetails.read", "project.read", "project.write", "project.customer.read", "project.customer.write", "registry.read", "registry.write", "project.registry.read", "project.registry.write", "registryimage.read", "registryimage.write", "relaynetwork.read", "relaynetwork.write", "role.read", "role.write", "workload.read", "project.workload.read", "project.workload.customer.read", "workload.write", "project.workload.write", "project.workload.customer.write", "workload.publish", "project.workload.publish", "project.credential.read", "project.credential.write", "template.read", "clusterctl.read", "clusterctl.write", "project.clusterctl.read", "project.clusterctl.write", "project.customer.clusters.read", "project.customer.clusters.write", "sso.read", "sso.write", "ssouser.write", "ssouser.read", "cluster.scheduler.read", "cluster.scheduler.write", "project.auditLog.read", "project.relayAudit.read", "project.audit.read", "project.cluster.scheduler.read", "project.cluster.scheduler.write", "project.taskset.read", "project.taskset.write", "project.placement.read", "project.placement.write", "project.override.read", "project.override.write", "project.clusterOverride.read.workload", "project.clusterOverride.write.workload", "project.v2.namespace.read", "project.v2.namespace.write", "project.integrationEndpoint.read", "project.integrationEndpoint.write", "project.container.registry.read", "project.container.registry.write", "project.secretStore.read", "project.secretStore.write", "project.providers.read", "project.providers.write", "project.providers.org.admin.write", "project.customer.providers.read", "project.customer.providers.write", "project.activityplans.read", "project.activityplans.write", "project.activityjobs.read", "project.activityjobs.write", "kubeconfig.read", "kubeconfig.write", "v2debug.read", "v2debug.write", "v2account.read", "kubectl.clustersettings.read", "kubectl.clustersettings.write", "kubectl.fullaccess", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.scheduler.placement.write", "project.v2.config.workload.read", "project.v2.config.workload.write", "project.v2.config.workloadtemplate.read", "project.v2.config.workloadtemplate.write", "org.auditLog.read", "org.relayAudit.read", "audit.read", "project.data.protection.read", "project.data.protection.write", "project.repository.read", "project.repository.write", "project.trigger.read", "project.trigger.write", "project.pipeline.read", "project.pipelinesummary.read", "project.pipeline.write", "project.pipeline.org.admin.write", "project.infra.provisioner.read", "project.infra.provisioner.write", "project.infra.provisioner.runtime.read", "project.pipeline.variable.read", "project.pipeline.variable.write", "project.approval.read", "project.approval.write", "project.myapproval.read", "project.approvalsummary.read", "project.myapprovalsummary.read", "project.agent.read", "project.agent.write", "project.agentVersion.read", "project.trigger.customer.read", "project.trigger.customer.write", "project.pipeline.customer.read", "project.pipelinesummary.customer.read", "project.pipeline.customer.write", "project.approval.customer.read", "project.approval.customer.write", "project.data.protection.policy.read", "project.data.protection.policy.write", "project.data.protection.location.read", "project.data.protection.location.write", "lockout.settings.read", "lockout.settings.write", "organization.read", "organization.write", "idle.timeout.settings.read", "idle.timeout.settings.write", "org.alertconfig.read", "org.alertconfig.write", "project.alertconfig.read", "project.alertconfig.write", "project.alert.read", "org.alert.read", "project.dashboard.workload.read", "project.systemsync.write", "project.systemsync.read", "hub.agent.read", "hub.agent.write", "hub.cluster.read", "hub.cluster.write", "hub.infraprovisioner.read", "hub.infraprovisioner.write", "hub.namespace.read", "hub.namespace.write", "hub.openapi.explorer.read", "hub.pipeline.read", "hub.pipeline.write", "hub.project.read", "hub.project.write", "hub.wellknown.read", "hub.workload.read", "hub.workload.write", "hub.workloadtemplate.read", "hub.workloadtemplate.write", "hub.repository.read", "hub.repository.write" ], "ADMIN_READ_ONLY": [ "user.read", "group.read", "console.all", "account.read", "registryauthkey.read", "certificate.read", "project.certificate.read", "namespace.read", "project.namespace.read", "project.namespace.customer.read", "partnerdetails.read", "project.read", "project.customer.read", "registry.read", "project.registry.read", "registryimage.read", "relaynetwork.read", "role.read", "workload.read", "project.workload.read", "project.workload.customer.read", "project.credential.read", "template.read", "clusterctl.read", "project.clusterctl.read", "project.customer.clusters.read", "sso.read", "cluster.scheduler.read", "project.auditLog.read", "project.relayAudit.read", "project.cluster.scheduler.read", "project.taskset.read", "project.placement.read", "project.override.read", "project.clusterOverride.read.workload", "project.v2.namespace.read", "project.integrationEndpoint.read", "project.container.registry.read", "project.secretStore.read", "project.providers.read", "project.customer.providers.read", "project.activityplans.read", "project.activityjobs.read", "kubeconfig.read", "v2debug.read", "v2account.read", "kubectl.clustersettings.read", "kubectl.cluster.read", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.config.workload.read", "project.v2.config.workloadtemplate.read", "org.auditLog.read", "org.relayAudit.read", "audit.read", "project.data.protection.read", "project.repository.read", "project.trigger.read", "project.pipeline.read", "project.pipelinesummary.read", "project.infra.provisioner.read", "project.infra.provisioner.runtime.read", "project.pipeline.variable.read", "project.approval.read", "project.myapproval.read", "project.approvalsummary.read", "project.myapprovalsummary.read", "project.agent.read", "project.agentVersion.read", "project.trigger.customer.read", "project.pipeline.customer.read", "project.pipelinesummary.customer.read", "project.approval.customer.read", "project.data.protection.policy.read", "project.data.protection.location.read", "lockout.settings.read", "organization.read", "idle.timeout.settings.read", "org.alertconfig.read", "project.alertconfig.read", "project.alert.read", "org.alert.read", "project.dashboard.workload.read", "project.systemsync.read", "hub.agent.read", "hub.cluster.read", "hub.infraprovisioner.read", "hub.namespace.read", "hub.openapi.explorer.read", "hub.pipeline.read", "hub.project.read", "hub.wellknown.read", "hub.workload.read", "hub.workloadtemplate.read", "hub.repository.read" ] }, "PROJECT": { "PROJECT_ADMIN": [ "user.keys.write", "v2account.read", "console.all", "registryauthkey.read", "registryauthkey.write", "project.namespace.read", "project.namespace.write", "project.namespace.customer.read", "project.namespace.customer.write", "partnerdetails.read", "project.read", "project.customer.read", "project.admin.write", "registry.read", "registry.write", "registryimage.read", "registryimage.write", "cluster.scheduler.read", "project.auditLog.read", "project.relayAudit.read", "project.audit.read", "project.workload.read", "project.workload.write", "project.workload.customer.read", "project.workload.customer.write", "project.workload.publish", "project.certificate.read", "project.certificate.write", "project.credential.read", "project.credential.write", "project.customer.clusters.read", "project.cluster.scheduler.read", "project.taskset.read", "project.taskset.write", "project.placement.read", "project.placement.write", "project.override.read", "project.override.write", "project.clusterOverride.read.workload", "project.clusterOverride.write.workload", "project.v2.namespace.read", "project.v2.namespace.write", "project.integrationEndpoint.read", "project.integrationEndpoint.write", "project.container.registry.read", "project.container.registry.write", "template.read", "project.secretStore.read", "project.secretStore.write", "project.registry.read", "project.registry.write", "project.providers.read", "project.customer.providers.read", "project.activityplans.read", "project.activityplans.write", "project.activityjobs.read", "project.activityjobs.write", "kubeconfig.read", "v2debug.read", "v2debug.write", "kubectl.fullaccess", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.scheduler.placement.write", "project.v2.config.workload.read", "project.v2.config.workload.write", "project.v2.config.workloadtemplate.read", "project.v2.config.workloadtemplate.write", "project.data.protection.read", "project.data.protection.write", "project.data.protection.policy.read", "project.data.protection.policy.write", "project.data.protection.location.read", "project.data.protection.location.write", "project.alertconfig.read", "project.alertconfig.write", "project.repository.read", "project.repository.write", "project.agent.read", "project.agent.write", "project.agentVersion.read", "project.pipeline.read", "project.pipelinesummary.read", "project.pipeline.write", "project.pipeline.variable.read", "project.pipeline.variable.write", "project.pipeline.customer.read", "project.pipelinesummary.customer.read", "project.pipeline.customer.write", "project.infra.provisioner.read", "project.infra.provisioner.write", "project.infra.provisioner.runtime.read", "project.trigger.read", "project.trigger.write", "project.trigger.customer.read", "project.trigger.customer.write", "project.approval.read", "project.approval.write", "project.myapproval.read", "project.approvalsummary.read", "project.myapprovalsummary.read", "project.approval.customer.read", "project.approval.customer.write", "project.alert.read", "project.dashboard.workload.read", "project.systemsync.write", "project.systemsync.read", "hub.agent.read", "hub.agent.write", "hub.cluster.read", "hub.cluster.write", "hub.infraprovisioner.read", "hub.infraprovisioner.write", "hub.namespace.read", "hub.namespace.write", "hub.openapi.explorer.read", "hub.pipeline.read", "hub.pipeline.write", "hub.project.read", "hub.project.write", "hub.wellknown.read", "hub.workload.read", "hub.workload.write", "hub.workloadtemplate.read", "hub.workloadtemplate.write", "hub.repository.read", "hub.repository.write" ], "PROJECT_READ_ONLY": [ "console.all", "project.namespace.read", "project.namespace.customer.read", "partnerdetails.read", "project.read", "project.customer.read", "registry.read", "registryimage.read", "cluster.scheduler.read", "project.auditLog.read", "project.relayAudit.read", "project.audit.read", "project.workload.read", "project.workload.customer.read", "project.certificate.read", "project.credential.read", "project.customer.clusters.read", "project.cluster.scheduler.read", "project.taskset.read", "project.placement.read", "project.override.read", "project.clusterOverride.read.workload", "project.v2.namespace.read", "project.integrationEndpoint.read", "project.container.registry.read", "sso.read", "template.read", "project.secretStore.read", "project.registry.read", "project.providers.read", "project.customer.providers.read", "project.activityplans.read", "project.activityjobs.read", "kubeconfig.read", "v2debug.read", "kubectl.cluster.read", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.config.workload.read", "project.v2.config.workloadtemplate.read", "project.data.protection.read", "project.data.protection.policy.read", "project.data.protection.location.read", "project.alertconfig.read", "project.repository.read", "project.agent.read", "project.agentVersion.read", "project.pipeline.read", "project.pipelinesummary.read", "project.pipeline.customer.read", "project.pipelinesummary.customer.read", "project.infra.provisioner.read", "project.infra.provisioner.runtime.read", "project.pipeline.variable.read", "project.trigger.read", "project.trigger.customer.read", "project.approval.read", "project.myapproval.read", "project.approvalsummary.read", "project.myapprovalsummary.read", "project.approval.customer.read", "project.alert.read", "project.dashboard.workload.read", "project.systemsync.read", "hub.agent.read", "hub.cluster.read", "hub.infraprovisioner.read", "hub.namespace.read", "hub.openapi.explorer.read", "hub.pipeline.read", "hub.project.read", "hub.wellknown.read", "hub.workload.read", "hub.workloadtemplate.read", "hub.repository.read" ], "INFRA_ADMIN": [ "console.all", "user.keys.write", "v2account.read", "registryauthkey.read", "registryauthkey.write", "project.namespace.read", "project.namespace.write", "project.namespace.customer.read", "project.namespace.customer.write", "partnerdetails.read", "project.read", "project.customer.read", "cluster.scheduler.read", "cluster.scheduler.write", "clusterctl.read", "clusterctl.write", "template.read", "project.auditLog.read", "project.relayAudit.read", "project.audit.read", "project.clusterctl.read", "project.clusterctl.write", "project.customer.clusters.read", "project.customer.clusters.write", "project.cluster.scheduler.read", "project.cluster.scheduler.write", "project.taskset.read", "project.taskset.write", "project.placement.read", "project.placement.write", "project.override.read", "project.override.write", "project.v2.namespace.read", "project.v2.namespace.write", "project.integrationEndpoint.read", "project.integrationEndpoint.write", "project.container.registry.read", "project.container.registry.write", "project.secretStore.read", "project.secretStore.write", "project.providers.read", "project.providers.write", "project.customer.providers.read", "project.customer.providers.write", "project.activityplans.read", "project.activityplans.write", "project.activityjobs.read", "project.activityjobs.write", "project.infra.overrides.read", "relaynetwork.read", "relaynetwork.write", "kubeconfig.read", "v2debug.read", "v2debug.write", "kubectl.clustersettings.read", "kubectl.clustersettings.write", "kubectl.fullaccess", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.scheduler.placement.write", "project.v2.config.workload.read", "project.v2.config.workload.write", "project.v2.config.workloadtemplate.read", "project.v2.config.workloadtemplate.write", "project.data.protection.read", "project.data.protection.write", "project.data.protection.policy.read", "project.data.protection.policy.write", "project.data.protection.location.read", "project.data.protection.location.write", "project.infra.provisioner.read", "project.infra.provisioner.write", "project.infra.provisioner.runtime.read", "project.alertconfig.read", "project.alertconfig.write", "project.repository.read", "project.repository.write", "project.agent.read", "project.agent.write", "project.agentVersion.read", "project.alert.read", "project.dashboard.workload.read", "project.systemsync.write", "project.systemsync.read", "hub.cluster.read", "hub.cluster.write", "hub.namespace.read", "hub.namespace.write", "hub.openapi.explorer.read", "hub.wellknown.read" ], "INFRA_READ_ONLY": [ "console.all", "project.namespace.read", "project.namespace.customer.read", "partnerdetails.read", "project.read", "project.customer.read", "template.read", "cluster.scheduler.read", "project.auditLog.read", "project.relayAudit.read", "project.audit.read", "project.customer.clusters.read", "project.cluster.scheduler.read", "project.taskset.read", "project.placement.read", "project.override.read", "project.v2.namespace.read", "project.integrationEndpoint.read", "project.container.registry.read", "project.secretStore.read", "project.providers.read", "project.customer.providers.read", "project.activityplans.read", "project.activityjobs.read", "project.infra.overrides.read", "relaynetwork.read", "kubeconfig.read", "v2debug.read", "kubectl.clustersettings.read", "kubectl.cluster.read", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.config.workload.read", "project.v2.config.workloadtemplate.read", "project.data.protection.read", "project.data.protection.policy.read", "project.data.protection.location.read", "project.alertconfig.read", "project.repository.read", "project.infra.provisioner.read", "project.infra.provisioner.runtime.read", "project.agent.read", "project.agentVersion.read", "project.alert.read", "project.dashboard.workload.read", "project.systemsync.read", "hub.cluster.read", "hub.namespace.read", "hub.openapi.explorer.read", "hub.wellknown.read" ], "NAMESPACE_READ_ONLY": [ "partnerdetails.read", "project.read", "project.customer.read", "registry.read", "registryimage.read", "cluster.scheduler.read", "project.workload.read", "project.v2.config.workloadtemplate.read", "project.workload.customer.read", "project.certificate.read", "project.credential.read", "project.customer.clusters.read", "project.cluster.scheduler.read", "project.taskset.read", "project.placement.read", "project.override.read", "project.clusterOverride.read.workload", "project.integrationEndpoint.read", "project.container.registry.read", "sso.read", "template.read", "project.secretStore.read", "project.registry.read", "project.providers.read", "project.customer.providers.read", "kubeconfig.read", "v2debug.read", "kubectl.namespace.read", "project.namespace.read", "project.namespace.customer.read", "project.v2.namespace.read", "project.aggregate.status.read", "project.data.protection.read", "project.data.protection.policy.read", "project.data.protection.location.read", "hub.namespace.read", "hub.openapi.explorer.read", "hub.wellknown.read", "hub.workload.read" ], "NAMESPACE_ADMIN": [ "user.keys.write", "v2account.read", "console.all", "registryauthkey.read", "registryauthkey.write", "partnerdetails.read", "project.read", "project.customer.read", "project.admin.write", "registry.read", "registry.write", "registryimage.read", "registryimage.write", "cluster.scheduler.read", "project.workload.read", "project.workload.write", "project.workload.customer.read", "project.workload.customer.write", "project.workload.publish", "project.certificate.read", "project.certificate.write", "project.credential.read", "project.credential.write", "project.customer.clusters.read", "project.cluster.scheduler.read", "project.taskset.read", "project.taskset.write", "project.placement.read", "project.placement.write", "project.override.read", "project.override.write", "project.clusterOverride.read.workload", "project.clusterOverride.write.workload", "project.integrationEndpoint.read", "project.integrationEndpoint.write", "project.container.registry.read", "project.container.registry.write", "template.read", "project.secretStore.read", "project.secretStore.write", "project.registry.read", "project.registry.write", "project.providers.read", "project.customer.providers.read", "kubeconfig.read", "v2debug.read", "v2debug.write", "kubectl.namespace.write", "project.namespace.read", "project.namespace.customer.read", "project.v2.namespace.read", "project.aggregate.status.read", "project.data.protection.read", "project.data.protection.policy.read", "hub.namespace.read", "hub.namespace.write", "hub.openapi.explorer.read", "hub.wellknown.read", "hub.workload.read", "hub.workload.write", "project.data.protection.location.read" ], "CLUSTER_ADMIN": [ "console.all", "project.namespace.read", "project.namespace.customer.read", "partnerdetails.read", "project.read", "project.customer.read", "template.read", "cluster.scheduler.read", "cluster.scheduler.write", "clusterctl.read", "clusterctl.write", "project.auditLog.read", "project.relayAudit.read", "project.audit.read", "project.clusterctl.read", "project.clusterctl.write", "project.customer.clusters.read", "project.customer.clusters.write", "project.cluster.scheduler.read", "project.cluster.scheduler.write", "project.taskset.read", "project.placement.read", "project.override.read", "project.v2.namespace.read", "project.integrationEndpoint.read", "project.container.registry.read", "project.secretStore.read", "project.providers.read", "project.customer.providers.read", "project.activityplans.read", "project.activityjobs.read", "project.infra.overrides.read", "relaynetwork.read", "kubeconfig.read", "v2debug.read", "kubectl.clustersettings.read", "kubectl.clustersettings.write", "kubectl.cluster.read", "project.aggregate.status.read", "project.v2.scheduler.placement.read", "project.v2.config.workload.read", "project.v2.config.workloadtemplate.read", "project.data.protection.read", "project.data.protection.policy.read", "project.data.protection.location.read", "project.alertconfig.read", "project.repository.read", "project.infra.provisioner.read", "project.infra.provisioner.runtime.read", "project.agent.read", "project.agentVersion.read", "project.alert.read", "project.dashboard.workload.read" ] } }