Manage access to firewalls

Last update: May 30 2026

Access to firewalls is governed by a role model that defines access within the account; for more details, see the Access management in Selectel products guide. The capabilities of roles across all products can be viewed in the role reference.

member

A user with full access to all Selectel products. Does not have access to manage: users, service users, user groups and federations.

Access scopes	account; project
Who can be assigned	users; service users; user groups
Available operations with firewalls	In the Account access scope: managing firewalls: ordering firewalls; modifying firewalls; canceling a firewall rental
	In the Project access scope, operations with firewalls are not available

billing

A user with access to billing management and without access to service management.

Access scopes	Account
Who can be assigned	users; service users; user groups
Available operations with firewalls	billing management: balance top-ups and transferring funds between balances; management of autobills, monthly payments, payment deferrals; management of balance notifications; management of bank cards; viewing reporting documents; management of the affiliate program and funds withdrawal; viewing connected services and service statuses

iam.admin

A user with access to manage users and without access to services and billing. Cannot manage their own user account: change permissions, manage notifications, or delete the user. The first user with the iam.admin role is created by the Account Owner.

Access scopes	Account
Who can be assigned	users; service users; user groups
Available operations with firewalls	managing users, service users, user groups with access to firewalls, as well as managing federations

iam.viewer

A user with access to view everything managed by iam.admin.

Access scopes	Account
Who can be assigned	users; service users; user groups
Available operations	viewing users, service users, user group and federations; viewing user keys; view notifications of other users; view account access restrictions

reader

A user with access to view everything managed by member in the same access scope.

Access scopes	account; project
Who can be assigned	users; service users; user groups
Available operations with firewalls	In the Account access scope: viewing the list of firewalls and information about them
	In the Project access scope, operations with firewalls are not available

dedicated.admin

User with access to firewall management.

The dedicated.admin role also provides access to manage:

• dedicated servers;
• colocation;
• basic firewall;
• data storage system;
• network volumes for dedicated servers;
• rented network hardware.

Access scopes	account; project
Who can be assigned	users; service users; user groups
Available operations with firewalls	In the Account access scope: managing firewalls: ordering firewalls; modifying firewalls; canceling a firewall rental
	In the Project access scope, operations with firewalls are not available

dedicated.viewer

A user with access to view everything managed by dedicated.admin in the same access scope.

Access scopes	account; project
Who can be assigned	users; service users; user groups
Available operations with firewalls	In the Account access scope: viewing the list of firewalls and information about them
	In the Project access scope, operations with firewalls are not available