...
Object Type | Permission | Notes | General Recommendation |
---|---|---|---|
Project1 | Read | Project read is allowed, i.e. project can be opened by user. | All Users |
Project1 | View Logs | Project execution and associated logs can be viewed. | All Users |
Project1 | Create Folder/Application/Project | Project, folder, application can be created. | Technical Leads |
Project1 | Configure Folder/Application/Project | Project, folder, application can be configured. | Technical Leads |
Project1 | Configure Files | Project files can be populated and updated. | Developers, Technical Leads |
Project1 | Configure Commands | Deployment commands (EBS) can be updated. This should be restricted to admin users. | FD Administrators |
Project1 | Execute | Project build/deploy/test request can be submitted. Deployment environments are further controlled by Deployment Permissions. | Developers, Technical Leads |
Project | Page View | Allows access to Project menu. | All Users |
Approval Setup | Read | Approvals (outside of pipeline) can be read. | All Users |
Approval Setup | Create / Update | Approvals (outside of pipeline) can be created or updated. | Change Management/Operations |
Window Setup | Read | Schedule windows (outside of pipeline) can be read. | All Users |
Window Setup | Create / Update | Schedule windows (outside of pipeline) can be created or updated. | Change Management/Operations |
Notification Setup | Read | Configured notifications (email) can be read. | All Users |
Notification Setup | Create / Update | Additional notifications (email) can be created or updated. | All Users |
Notification Setup | Delete | Additional notifications (email) can be deleted. | All Users |
Workflow | Read | Workflow (build,deploy, test etc.) can be read. This contains execution code for build and deployment. | All Users |
Workflow | Create / Update | Workflow (build,deploy, test etc.) can be created or updated. This contains execution code for build and deployment. | FD Administrators |
Release2 | Read | Release (collection of projects for specific delivery) can be read. | All Users |
Release2 | Create/Update | Release (collection of projects for specific delivery) can be created or updated. | Change Management/Operations |
Release2 | Create Snapshot | Create snapshot is process of including build version in to release. Developer can be responsible for this as well. | Developers, Technical Leads |
Release2 | Configure Project List | Projects and packages can be added or removed from release. | Developers, Technical Leads |
Release2 | Configure Pipeline | Pipeline can be configured on release with this permission. Access to Override members on Teams tab is also controlled by this permission. | Change Management/Operations |
Release2 | Configure CMS | Change management system details can be configured on release with this permission. | Change Management/Operations |
Release2 | Manage Lifecycle | Release start, pause, end actions are allowed with this permission. | Change Management/Operations |
Release2 | Grant Permissions | Release permission can be changed with this permission, otherwise Administrator users can configure permissions. | FD Administrators |
Pipeline | Read | Pipeline can be read. Pipeline defined promotion process through various environments. | All Users |
Pipeline | Update | Pipeline can be created or updated. | FD Administrators |
Report | Read | Reports can be read. | All Users |
Environment Instance | Read | Topology object read permission. | All Users |
Environment Instance | Create / Update | Topology object update permission. Allows update to properties like folder, user, password etc. | FD Administrators |
Environment | Read | Topology object read permission. | All Users |
Environment | Create / Update | Topology environment can be created or updated. | FD Administrators |
Instance | Read | Topology object read permission. | All Users |
Instance | Create / Update | Deployment target (logical) can be created or updated. | FD Administrators |
Endpoint | Read | Endpoint (SSH configuration) to connect to target nodes can be read. | All Users |
Endpoint | Update | Endpoint (SSH configuration) to connect to target nodes can be created or updated. | FD Administrators |
Scheduled Task | Read | Scheduled task (deployment outside of pipeline waiting for schedule) can be read. | All Users |
Scheduled Task | Update | Scheduled task (deployment outside of pipeline waiting for schedule) can be overriden, allows immediate run of deployment. | Change Management/Operations |
Plugin | Read | Plugin details can be read. | All Users |
Plugin | Upload | Plugin can be uploaded and activated. Generally restricted to Administrators. | FD Administrators |
Property Set | Read | Configured property details (plugin or workflow based) can be read. Internal details. | All Users |
Template | Read | Templates can be read. Templates allow creation of projects using CSV input data. | All Users |
Template | Create / Update | Templates can created or updated. | FD Administrators |
Defaults | Read | Defaults can be read. Defaults allow some customizable defaults when new objects are created in FlexDeploy. | All Users |
Defaults | Update | Defaults configuration can be updated. | FD Administrators |
FlexField | Read | FlexField configurations can be read. FlexFields are custom inputs to build and deploy workflow requests. | All Users |
FlexField | Update | FlexFields can be configured (enalbed) | FD Administrators |
Test Type | Read | Test type names can be read. | All Users |
Test Type | Create / Update | Test type names can be created or updated. | FD Administrators |
Object Type | Read | Object Type customization details can be read. Customization is restricted to Administrator users. | All Users |
Testing Tool | Read | Testing tools configurations can be read. | All Users |
Testing Tool | Create / Update | Cutom testing tools configurations can be created or updated. | FD Administrators |
Issue Tracking System | Read | Issue tracking system configurations can be read. | All Users |
Issue Tracking System | Update | Global configurations for Issue Tracking Systems can be updated. | FD Administrators |
Change Management System | Read | Change management system configurations can be read. | All Users |
Change Management System | Update | Global configurations for change management systems can be updated. | FD Administrators |
Cloud Account | Read | Cloud Account details can be read. | All Users |
Cloud Account | Create / Update | Cloud Account can be created or updated. | FD Administrators |
Artifact Repository Account | Read | Artifact Repository Account details can be read. | All Users |
Artifact Repository Account | Create / Update | Artifact Repository Account can be created or updated. | FD Administrators |
CI Server Account | Read | CI Server Account details can be read. | All Users |
CI Server Account | Create / Update | CI Server Account can be created or updated. | All Users |
Analysis Tool Account | Read | Analysis Tool Account details can be read. | All Users |
Analysis Tool Account | Create / Update | Analysis Tool Account can be created or updated. | All Users |
Other Tools Account | Read | Other Tools Account details can be read. | FD Administrators, DBA, Middleware Administrators |
Other Tools Account | Create / Update | Other Tools Account can be created or updated. | FD Administrators, DBA, Middleware Administrators |
Account Provider | Read | Account providers for cloud accounts can be read. | All Users |
Account Provider | Create / Update | Account providers (custom) for cloud accounts can be created or updated. | All Users |
User | Read | User information can be read. Users management is restricted to Administrator users. | All Users |
Group | Read | Group information can be read. Group management is restricted to Administrator users. | All Users |
Realm | Read | Realm information can be read. Realm configuration is restricted to Administrator users. | All Users |
Credential | Read | Credential details can be read. Note that secret text like password can never be read in clear text, hence you can only see details necessary to request credential from store. | All Users |
Credential | Create / Update | Credential details including secret text like password can be be entered. | FD Administrators, DBA, Middleware Administrators |
Credential | Delete | Credential can be deleted if not used. | FD Administrators, DBA, Middleware Administrators |
Credential Store | Read | Credential store details can be read. Management of stores is restricted for Administrators. | All Users |
Credential Store Provider | Read | Credential store providers can be read. Management of store providers is restricted for Administrators. | All Users |
Webhook Functions | Read | Webhook functions can be read. | All Users |
Webhook Functions | Create / Update | Webhook functions can be created or updated. | Technical Leads, Developers |
Webhook Functions | Delete | Webhook functions can be deleted. | Technical Leads |
Webhook Providers | Read | Webhook providers can be viewed. | All Users |
Webhook Providers | Create / Update | Webhook providers can be created or updated. | Technical Leads, Developers |
Webhook Messages | View Tracking | Webhook messages screen can be viewed. | All Users |
Webhook Messages | View Message Logs | Webhook message logs can be viewed. | Technical Leads, Developers |
Webhook Messages | View Message Details | Webhook message payload, query params and headers can be viewed. | Technical Leads, Developers |
Webhook Messages | Resubmit Message | Webhook message can be resubmitted. | Technical Leads, Developers |
Deployment Permissions | Allows control which environments user is allowed to perform deployment. |
...