stackstate-admin
): Have access to all views and have all permissions, except for the platform management permission access-admin-api
.stackstate-platform-admin
): Have platform management permissions and have access to all views.stackstate-power-user
): This role is typically granted to users that need to configure StackState for their team(s), but will not manage the entire StackState installation. Power users have all Administrator permissions except for:execute-restricted-scripts
update-permissions
upload-stackpacks
stackstate-guest
): Have read access, as you can see below when we use the stac
CLI to show granted permissions for the role:stac
CLI yet?sts
CLI. Use the stac
CLI.stackstate-admin
, stackstate-platform-admin
, stackstate-power-user
, stackstate-guest
) are always available. Additional custom role names can be added that have the same permissions. Below is an example of how to do this for both Kubernetes and Linux installations.authentication.yaml
when customizing the authentication configuration to extend the default role names with these custom role names.authorization
section of the configuration file application_stackstate.conf
.xxxGroups = ${stackstate.authorization.xxxGroups} ["custom-role"]
as shown in the example below.access-cli
access-explore
execute-component-actions
manage-star-view
perform-custom-query
read-permissions
update-visualization
access-analytics
access-admin-api
access-log-data
access-synchronization-data
access-topic-data
create-views
execute-component-templates
execute-node-sync
execute-scripts
execute-restricted-scripts
permission is also required to execute scripts using the HTTP script API.import-settings
export-settings
manage-annotations
manage-event-handlers
everything
).access-view
everything
).everything
everything
everything
everything
delete-view
everything
).everything
everything
save-view
everything
).everything
everything
access-explore
everything
resource. See view management permissions.access-view
everything
everything
everything
everything
access-cli
manage-stackpacks
export-settings
and read-settings
import-settings
and read-settings
update-visualization
perform-custom-query
execute-component-actions
manage-topology-elements
manage-topology-elements
and perform-custom-query
and read-settings
manage-topology-elements
manage-topology-elements
manage-topology-elements
manage-topology-elements
and perform-custom-query
and read-settings
access-view
everything
everything
everything
everything
manage-star-view
update-visualization
manage-event-handlers
everything
).save-view
everything
everything
everything
).delete-view
everything
everything
access-analytics
execute-scripts
and access-analytics
execute-restricted-scripts
read-settings
update-settings
export-settings
import-settings
execute-node-sync
access-admin-api
access-log-data
sts
CLI. Use the stac
CLI.stac
CLI yet?sts
CLI. Use the stac
CLI.stac
CLI yet?sts
CLI. Use the stac
CLI.stac
CLI yet?sts
CLI. Use the stac
CLI.stac
CLI yet?sts
CLI. Use the stac
CLI.stac
CLI yet?sts
CLI. Use the stac
CLI.stac
CLI yet?sts
CLI. Use the stac
CLI.