Administrative-based Policies

Organizational policies that are not tied to a data source or module.

Manage group and policies

Read-only: User will be able to see all groups and policies but unable to modify, add new or delete groups or policies.
Create: User able to create new groups and add new policies in groups.
Edit: User able to edit existing groups and modify existing policies in groups.
Delete: User able to delete groups or remove existing policies in groups.

This policy gives the user the ability to upgrade or downgrade their own access as they can add themselves to groups and attach policies. Use with caution.

Manage access for organization

Read-only: User will be able to see all users in the organization but unable to invite, deactivate or revoke invites.
Invite Users: User able to invite other users to organization.
Deactivate/Re-activate users: User able to deactivate/re-activate other users.
Revoke invites: User able to revoke invite of users who are still pending signup.

Manage data sources

Read-only: User will be able to see the Data Source tab, and see all data sources but unable to modify, add new sources or delete existing sources.
Edit: User can enable/disable data sources, modify credentials and additional configurations.
Create: User can add new data sources.
Delete: User can delete data sources.

Manage Config Default settings

Read-only: User will be able to see the Configure Alerts tab but not able to edit.
Edit: User will be able to edit the email, Slack or webhooks settings.

Manage Domains

Create Domains: User able to create a domain.

Note that all domain-based policies reside in the Domain Memberships itself and this permission is the administrative level of creating a domain only. Read more on the Domain memberships here.

PreviousSource-based Policies NextModule-based Policies

Last updated 6 months ago