Skip to main content

Role Directory

Last update:

A role is a set of authorized operations on specific types of resources.

Roles are assigned within permissions, the role applies to the access area specified in the permission, for more information see Access Control in Selectel Products.

Some roles may only be assigned to a specific access area, and may have a different set of managed resources in different access areas.

member

User with full access to all services.Unavailable access control: users, service users, user groups, federations.

Access areas
  • Account;
  • project
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources

In the Account access area:

  • management of projects, their limits and quotas;
  • billing management;
  • resource management across all projects;
  • management of resources outside of projects.

In the access area Project:

  • management of the resources of the selected project.

billing

User with access to billing management and without access to service management.

Access areasAccount
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources
  • Billing Management:
    • replenishment of balance and transfer of funds between balances;
    • management of auto-account, monthly payments, payment deferrals;
    • balance notification management;
    • bank card management;
    • viewing of reporting documents;
    • managing the affiliate program and withdrawal of funds;
  • view connected services and service statuses.

iam_admin

User with access to user management and without access to services and billing.Cannot manage his account: change permissions, manage notifications, delete user.The first user with the iam_admin role is created by the Account Owner.

Access areasAccount
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources

reader

A user with access to view everything he controls member in the same access area.

Access areas
  • Account;
  • project
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources

In the Account access area:

  • View resources in all projects, as well as resources that are not attached to a project;
  • view the settings of all projects, their limits and quotas;
  • viewing of billing data (balance, bank cards, report documents, partner program, etc.)

In the access area Project:

  • view the resources of the selected project

object_storage:admin

A user with full access to S3 management within a project.Does not have access to S3 in other projects or other products in their project.Read more in the Manage Access in S3 instructions.

Access areasproject
Who can be prescribed
  • Service Users;
  • user groups
Available operations and resources
  • View the list of bucket list in the project;
  • viewing the contents of the bins;
  • management of objects in the baquette (loading, modification, deletion, etc.);
  • changing the settings of the baquettes;
  • configuring the bucket access policy

object_storage_user

A user with access to the S3 bucket if an access policy is configured in  the bucket that allows access to the bucket for that user, more details in the Manage Access in S3 instructions .The level of access is determined by the access policy settings.Does not have access to S3 in other projects and other products in his project.

Access areasproject
Who can be prescribed
  • Service Users;
  • user groups
Available operations and resources
  • View the list of bucket list in the project;
  • operations in the buckets that are allowed by the access policy.

mobile_farm_admin

User with full access to manage the mobile farm in their project.Does not have access to the mobile farm in other projects and other products in their project.Read more in the Manage Access to Mobile Farm instructions.

Access areasproject
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources
  • View mobile farm consumption;
  • Adding and removing mobile farm devices;
  • utilization of mobile farm devices;
  • mobile farm tariff change;
  • adding ADB keys to your profile

mobile_farm_user

User with access to use Mobile Farm devices in their project.Does not have access to Mobile Farm in other projects and other products in their project.More information in the Manage Mobile Farm Access instructions.

Access areasproject
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources
  • View mobile farm consumption;
  • utilization of mobile farm devices;
  • adding ADB keys to your profile

mobile_farm_viewer

User with access to view devices and consume the mobile farm in their project.Does not have access to the mobile farm in other projects and other products in their project.Read more in the Manage Mobile Farm Access instructions.

Access areasproject
Who can be prescribed
  • Users;
  • to service users;
  • user groups
Available operations and resources
  • View mobile farm consumption;
  • Mobile Farm Device Viewer;
  • adding ADB keys to your profile