Role Permissions

The User Role Management in the ARMO platform provides greater flexibility and control over how users interact with your organization’s Cloud security environment.

Predefined Roles for streamlined Access Control

The role management feature includes three predefined roles designed to streamline team collaboration and ensure secure access:

1. Admin

Permissions: Full visibility and management capabilities.
Ideal for: Administrators who need comprehensive control over the platform, including account and billing management.

2. Manager

Permissions: Operational capabilities for clusters, policies, workflows, ticketing, alerting, and connectors.
Restrictions: Cannot manage account or billing settings.
Ideal for: Managers responsible for day-to-day security operations.

3. Read Only

Permissions: View-only access to the platform.
Restrictions: Cannot perform any actions or changes.
Ideal for: Team members who need insight into security operations without modifying settings.

Why This Matters

Enhanced Security: Minimize risk by assigning roles that match each user’s responsibilities.
Improved Efficiency: Tailor access levels to ensure users can focus on their specific tasks without unnecessary permissions.
Seamless Collaboration: Empower your team with the right tools while maintaining control over sensitive areas like billing and account management.

Permission by actions

General Actions	Admin	Manager	ReadOnly
View Help	✅	✅	✅
View Finish setup	✅	✅	✅
Initiate scan	✅	✅	❌
Create Jira ticket	✅	✅	❌
Accept the risk	✅	✅	❌
Resolve incident	✅	✅	❌
Filters	✅	✅	✅
Export	✅	✅	❌
Create/edit/delete workflow	✅	✅	❌

Settings	Admin	Manager	ReadOnly
Connect cluster	✅	✅	❌
Connect Registry	✅	✅	❌
Connect Repository	✅	✅	❌
Connect Cloud account	✅	✅	❌
Frameworks	✅	✅	❌
Controls	✅	✅	❌
Access Keys	✅	✅	❌

Billing	Admin	Manager	ReadOnly
Plans	✅	❌	❌
Invoices	✅	❌	❌
Current plan	✅	❌	❌

Account	Admin	Manager	ReadOnly
Account management	✅	❌	❌
Create/Delete/Update account	✅	❌	❌