Skip to content

Managing User Roles - Enterprise Users

You can assign user roles to control the actions and permissions of users. This table summarizes each user role and its supported functionality, indicated by a .

Company Admin
Company Admin
Technical Admin
Technical Admin
Technical Contact
Technical Contact
Financial Contact
Financial Contact
Read Only
Read Only
Create services
View services
Update services
Delete services
Lock and unlock services
Create and delete applications
View applications
Update applications
Create, update, and delete Insights
Create, view, and update users
Add and delete credentials
Create and delete clusters
View clusters
Update clusters
Download Kubernetes configuration
Create and delete repositories
View repositories
Update repositories
View usage
Enable and update billing markets
View billing markets
View and pay invoices

Here are some details to consider when creating user roles:

  • Company Admin – Company Admin users have access to all user privileges. We recommend limiting the number of Company Admin users to only those who require full access, but defining at least two for redundancy.
  • Technical Admin – This role is for technical users who know how to create and approve orders.
  • Technical Contact – This role is for technical users who know how to design and modify services but don’t have the authority to approve orders.
  • Finance – Finance users should have a financial responsibility within the organization while also understanding the consequences of their actions if they delete or approve services.
    Note: While creating services, direct customers can see the cost of the service before deploying. It is also possible to see the cost of deployed services by selecting a service in the Portal and viewing the Details tab.
  • Financial Contact – This user role is similar to the Finance role without the ability to place and approve orders, delete services, or administer service keys.
  • Read Only – Read Only is the most restrictive role. Note that a Read Only user can view service details which you might want to keep secure and private.

You can add user roles when you create a new user, or you can edit user information to change their role. For details about managing users, roles, and permissions, see Adding and Modifying Users.


To edit users, you need Company Admin privileges.

Last update: 2023-02-02