diff --git a/public/docs/i/1000/infrastructure/git-credentials/images/git-credentials.webp b/public/docs/i/1000/infrastructure/git-credentials/images/git-credentials.webp index e03695277f..9464f122b1 100644 Binary files a/public/docs/i/1000/infrastructure/git-credentials/images/git-credentials.webp and b/public/docs/i/1000/infrastructure/git-credentials/images/git-credentials.webp differ diff --git a/public/docs/i/1000/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp b/public/docs/i/1000/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp new file mode 100644 index 0000000000..9abc495c44 Binary files /dev/null and b/public/docs/i/1000/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp differ diff --git a/public/docs/i/1000/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp b/public/docs/i/1000/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp new file mode 100644 index 0000000000..896f872ad7 Binary files /dev/null and b/public/docs/i/1000/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp differ diff --git a/public/docs/i/2000/infrastructure/git-credentials/images/git-credentials.webp b/public/docs/i/2000/infrastructure/git-credentials/images/git-credentials.webp index 1826d7b01b..51cd683402 100644 Binary files a/public/docs/i/2000/infrastructure/git-credentials/images/git-credentials.webp and b/public/docs/i/2000/infrastructure/git-credentials/images/git-credentials.webp differ diff --git a/public/docs/i/2000/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp b/public/docs/i/2000/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp new file mode 100644 index 0000000000..9abc495c44 Binary files /dev/null and b/public/docs/i/2000/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp differ diff --git a/public/docs/i/2000/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp b/public/docs/i/2000/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp new file mode 100644 index 0000000000..a4c6d18ec2 Binary files /dev/null and b/public/docs/i/2000/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp differ diff --git a/public/docs/i/600/infrastructure/git-credentials/images/git-credentials.webp b/public/docs/i/600/infrastructure/git-credentials/images/git-credentials.webp index 3e3b7b69ee..4c534344d5 100644 Binary files a/public/docs/i/600/infrastructure/git-credentials/images/git-credentials.webp and b/public/docs/i/600/infrastructure/git-credentials/images/git-credentials.webp differ diff --git a/public/docs/i/600/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp b/public/docs/i/600/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp new file mode 100644 index 0000000000..6d2d07938e Binary files /dev/null and b/public/docs/i/600/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.webp differ diff --git a/public/docs/i/600/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp b/public/docs/i/600/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp new file mode 100644 index 0000000000..5c59118a8d Binary files /dev/null and b/public/docs/i/600/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.webp differ diff --git a/public/docs/i/x/infrastructure/git-credentials/images/git-credentials.png b/public/docs/i/x/infrastructure/git-credentials/images/git-credentials.png index 9a9088b772..ab5a7dac4e 100644 Binary files a/public/docs/i/x/infrastructure/git-credentials/images/git-credentials.png and b/public/docs/i/x/infrastructure/git-credentials/images/git-credentials.png differ diff --git a/public/docs/i/x/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png b/public/docs/i/x/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png new file mode 100644 index 0000000000..e84f908dbe Binary files /dev/null and b/public/docs/i/x/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png differ diff --git a/public/docs/i/x/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png b/public/docs/i/x/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png new file mode 100644 index 0000000000..2b7e34168e Binary files /dev/null and b/public/docs/i/x/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png differ diff --git a/public/docs/img/infrastructure/git-credentials/images/git-credentials.png b/public/docs/img/infrastructure/git-credentials/images/git-credentials.png index 39b6f7b62c..31aa85c5fe 100644 Binary files a/public/docs/img/infrastructure/git-credentials/images/git-credentials.png and b/public/docs/img/infrastructure/git-credentials/images/git-credentials.png differ diff --git a/public/docs/img/infrastructure/git-credentials/images/git-credentials.png.json b/public/docs/img/infrastructure/git-credentials/images/git-credentials.png.json index 257928510b..e959a7a699 100644 --- a/public/docs/img/infrastructure/git-credentials/images/git-credentials.png.json +++ b/public/docs/img/infrastructure/git-credentials/images/git-credentials.png.json @@ -1,5 +1 @@ -{ - "width": 2530, - "height": 1726, - "updated": "2025-08-01T08:52:49.163Z" -} \ No newline at end of file +{"width":1600,"height":927,"updated":"2026-06-01T03:34:52.312Z"} \ No newline at end of file diff --git a/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png new file mode 100644 index 0000000000..a71ee2d49e Binary files /dev/null and b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png differ diff --git a/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png.json b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png.json new file mode 100644 index 0000000000..e7194cddb3 --- /dev/null +++ b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png.json @@ -0,0 +1 @@ +{"width":645,"height":580,"updated":"2026-06-01T04:06:54.221Z"} \ No newline at end of file diff --git a/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png new file mode 100644 index 0000000000..fdd87d4ec9 Binary files /dev/null and b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png differ diff --git a/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png.json b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png.json new file mode 100644 index 0000000000..d30c871af9 --- /dev/null +++ b/public/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png.json @@ -0,0 +1 @@ +{"width":1600,"height":927,"updated":"2026-06-01T04:06:54.250Z"} \ No newline at end of file diff --git a/src/pages/docs/administration/spaces/index.mdx b/src/pages/docs/administration/spaces/index.mdx index 25bd28dc60..d687c72b83 100644 --- a/src/pages/docs/administration/spaces/index.mdx +++ b/src/pages/docs/administration/spaces/index.mdx @@ -103,7 +103,7 @@ Once you've done this, follow these steps: 1. Return to **Configuration ➜ Spaces** and select the space that you wish to nominate as the default space. 2. Click the overflow button and select **Enable the default space**. -**Remove the default space** +#### Remove the default space For organizations that are new to Octopus, especially those that make heavy use of spaces, a default space is not required, and you can remove the default space entirely. However, this comes with some considerations that should be weighed carefully against the needs of your organization. @@ -138,22 +138,23 @@ The following table shows which Octopus resources are space-scoped, system-scope If a resource isn't listed below, then it's space-scoped. ::: -| Resource | Space-scoped | System-scoped | -| --------------------- | --------------------------- | ------------- | -| Environments | True | | -| Lifecycles | True | | -| Projects | True | | -| Variable sets | True | | -| Deployment targets | True | | -| Tenants | True | | -| Custom Step Templates | True | | -| Octopus Server nodes | | True | -| Authentication | | True | -| Users | | True | -| License | | True | -| Events | True | True | -| Teams | True | True | -| Tasks | True | True | +| Resource | Space-scoped | System-scoped | +| --------------------- | ------------ | ------------- | +| Environments | True | | +| Lifecycles | True | | +| Projects | True | | +| Variable sets | True | | +| Deployment targets | True | | +| Tenants | True | | +| Custom Step Templates | True | | +| Octopus Server nodes | | True | +| Authentication | | True | +| SSH Known Hosts | | True | +| Users | | True | +| License | | True | +| Events | True | True | +| Teams | True | True | +| Tasks | True | True | ## Automation changes to be aware of \{#automation-changes} diff --git a/src/pages/docs/infrastructure/git-credentials/index.mdx b/src/pages/docs/infrastructure/git-credentials/index.mdx index e31134698e..23b9c72b56 100644 --- a/src/pages/docs/infrastructure/git-credentials/index.mdx +++ b/src/pages/docs/infrastructure/git-credentials/index.mdx @@ -8,7 +8,7 @@ description: How to work with Git credentials. navOrder: 35 --- -Git credentials allow you to define your Git authentication credentials once, and reuse them across projects. +Git credentials let you define your Git authentication credentials once, and reuse them across projects. You can manage your Git credentials by navigating to **Manage ➜ Git Credentials** in the Octopus Web Portal: @@ -16,9 +16,43 @@ You can manage your Git credentials by navigating to **Manage ➜ Git Credential ![The Git credentials area of Octopus Deploy](/docs/img/infrastructure/git-credentials/images/git-credentials.png) ::: +## Authentication methods + +Octopus supports two ways to authenticate a Git credential: + +- **Username and password** – a username with a password or personal access token. This works for any Git provider over HTTPS. +- **SSH key** – an SSH private key, with an optional passphrase. Use this when you need to connect to a repository over SSH. + +You choose the authentication method when you add or edit a Git credential. + +### Username and password + +Enter the username for your Git provider, and a password or personal access token in the **Password** field. We recommend using a personal access token rather than a password, and following the principle of least privilege when you grant it scopes. For provider-specific guidance on creating an access token, see the [Config as Code authentication reference](/docs/projects/version-control/config-as-code-reference/#authentication). + +### SSH key + +:::div{.info} +Available from Octopus 2026.2 +::: + +To authenticate with an SSH key: + +1. Add your private key either as a file upload or by manually entering it. +2. If your private key is protected with a passphrase, enter it in the **Passphrase** field. Leave this empty if your key has no passphrase. + +Before Octopus can connect to a repository over SSH, it needs to trust the SSH host. Set up the hosts Octopus trusts on the [SSH known hosts](/docs/infrastructure/git-credentials/ssh-known-hosts) page. + +:::div{.warning} +Known limitations with SSH key authentication: + +- Git operations that run on a Windows host (either server or Tentacle) aren't supported. +- Repository URLs must include a username, for example `git@example.com:octopus/repo.git` or `ssh://git@example.com/octopus/repo.git`. + +::: + ## Edit your Git credentials -To edit individual environments, click the Git credential name. From here, it is possible to edit the name, description, change the username and password, set repository restrictions, or delete the Git credential. +To edit an individual Git credential, click the Git credential name. From here you can edit the name and description, change the authentication method and credentials, set repository restrictions, or delete the Git credential. ## Git credential permissions @@ -26,7 +60,7 @@ You can control who has access to view and edit Git credentials by assigning use ## Repository Restrictions -You can optionally restrict the Git credential to specified repository URL's. These can be complete repository URL’s or you can add a wildcard at the end to include everything under that path. +You can optionally restrict the Git credential to specified repository URL's. These can be complete repository URL's or you can add a wildcard at the end to include everything under that path. :::figure ![The Git credentials area of Octopus Deploy](/docs/img/infrastructure/git-credentials/images/git-credential-details.png) diff --git a/src/pages/docs/infrastructure/git-credentials/ssh-known-hosts/index.md b/src/pages/docs/infrastructure/git-credentials/ssh-known-hosts/index.md new file mode 100644 index 0000000000..58d4f38923 --- /dev/null +++ b/src/pages/docs/infrastructure/git-credentials/ssh-known-hosts/index.md @@ -0,0 +1,53 @@ +--- +layout: src/layouts/Default.astro +pubDate: 2026-06-01 +modDate: 2026-06-01 +title: SSH known hosts +icon: fa-solid fa-shield-halved +description: How to manage the SSH hosts Octopus trusts when connecting to Git repositories over SSH. +navOrder: 10 +--- + +When Octopus connects to a Git repository over SSH, it needs to know it's talking to the expected server and not an imposter. SSH known hosts record the public keys of the SSH servers Octopus trusts, so Octopus can verify each connection. They work the same way the `known_hosts` file works on your developer machine. + +If you want to authenticate a [Git credential](/docs/infrastructure/git-credentials) with an SSH key, you'll need to add the SSH host for that repository to your known hosts before you use it. Otherwise Octopus can't verify the server and the connection fails. + +:::figure +![The SSH known hosts settings page in Octopus Deploy, showing a list of trusted SSH hosts](/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/ssh-known-hosts.png) +::: + +## Known hosts are system-wide + +SSH known hosts are system-wide. They're shared across every space in your instance, rather than being scoped to a single space. A host you add is trusted by every space, and a host you remove is no longer trusted by any space. + +## Manage your known hosts + +You manage SSH known hosts by navigating to **Configuration ➜ SSH Known Hosts** in the Octopus Web Portal. + +Octopus pre-seeds the list of known hosts with those of common cloud providers and will keep this list up to date via Octopus version updates. + +To add a new known host, provide the host, key type and a hash of the public key in the form ` ` and save. + +Octopus accepts these in the same format that `ssh-keyscan` or your local `known_hosts` file stores them in. You can copy and paste from your terminal or local file to add them. + +:::figure +![Adding SSH known hosts with a multi-line entry from ssh-keyscan](/docs/img/infrastructure/git-credentials/ssh-known-hosts/images/add-ssh-known-hosts.png) +::: + +## Permissions + +Two permissions control access to SSH known hosts: + +| Permission | Description | +| ------------------------- | ------------------------------------- | +| `SshKnownHostsView` | View SSH known hosts | +| `SshKnownHostsAdminister` | Add, edit, and remove SSH known hosts | + +Because known hosts are system-wide, these are system-level permissions. + +Access to Git credentials and SSH known hosts go hand in hand, so the built-in roles that can view or edit Git credentials are also granted these permissions by default. `SshKnownHostsView` is granted alongside the `GitCredentialView` permission, and `SshKnownHostsAdminister` alongside the `GitCredentialEdit` permission, so most users can view or administer SSH known hosts without any extra setup. For the permissions in each built-in role, see [default permissions for built-in user roles](/docs/security/users-and-teams/default-permissions). For more information on managing access, see [managing users and teams](/docs/security/users-and-teams). + +## Learn more + +- [Git credentials](/docs/infrastructure/git-credentials) +- [Configuration as Code](/docs/projects/version-control) diff --git a/src/pages/docs/projects/version-control/config-as-code-reference.mdx b/src/pages/docs/projects/version-control/config-as-code-reference.mdx index de52ca7e05..1bcbcab7d8 100644 --- a/src/pages/docs/projects/version-control/config-as-code-reference.mdx +++ b/src/pages/docs/projects/version-control/config-as-code-reference.mdx @@ -333,7 +333,6 @@ All other resources will be referenced from OCL via their ID. We plan on growing When designing the config-as-code feature, we made several decisions to keep an appropriate balance of usability and functionality. There are a few limitations and items of note you should be aware of with config-as-code. - The Octopus Terraform Provider and OCL are not a 1:1 match. You cannot copy resources between the two and expect everything to work. We want to narrow the gap as much as possible, but as of right now, a gap exists. -- Octopus currently only supports connecting to Git repositories over HTTPS and not SSH. - Shared resources (environments, external feeds, channels, etc.) are referenced by their slug from OCL. The API however will still use IDs. - Shared resources referenced in OCL that no longer exist in Octopus Server will result in an error when loading through the portal or API. The provided error message should provide information indicating what reference is no longer valid and should be updated or removed before being loaded again. - Shared resources must exist before loading an OCL file into Octopus Deploy. What that means is if you copy the OCL files from one Git repo to another, and point a new project at those files, then any shared resource must exist before creating that project. That only applies when projects are in different spaces or on different instances. If the resources do not exist, an error message will appear. diff --git a/src/pages/docs/security/users-and-teams/default-permissions.md b/src/pages/docs/security/users-and-teams/default-permissions.md index 91ffadde6c..9049219a1c 100644 --- a/src/pages/docs/security/users-and-teams/default-permissions.md +++ b/src/pages/docs/security/users-and-teams/default-permissions.md @@ -8,633 +8,641 @@ description: A listing of the default permissions for each of the built-in user ## Build Server {#DefaultPermissions-BuildServer} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| BuildInformationAdminister | Replace or delete build information | -| BuildInformationPush | Create/update build information | -| BuiltInFeedAdminister | Replace or delete packages in the built-in package repository | -| BuiltInFeedDownload | Retrieve the contents of packages in the built-in package repository | -| BuiltInFeedPush | Push new packages to the built-in package repository | -| DeploymentCreate | Deploy releases to target environments | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| FeedView | View package feeds and the packages in them | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectView | View the details of projects | -| ReleaseCreate | Create a release for a project | -| ReleaseView | View a release of a project | -| RunbookEdit | Edit runbooks | -| RunbookRunCreate | Create runbook runs | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskView | View summary-level information associated with a task | -| TenantView | View tenants | +| Space Permission | Description | +| -------------------------- | -------------------------------------------------------------------- | +| BuildInformationAdminister | Replace or delete build information | +| BuildInformationPush | Create/update build information | +| BuiltInFeedAdminister | Replace or delete packages in the built-in package repository | +| BuiltInFeedDownload | Retrieve the contents of packages in the built-in package repository | +| BuiltInFeedPush | Push new packages to the built-in package repository | +| DeploymentCreate | Deploy releases to target environments | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| FeedView | View package feeds and the packages in them | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectView | View the details of projects | +| ReleaseCreate | Create a release for a project | +| ReleaseView | View a release of a project | +| RunbookEdit | Edit runbooks | +| RunbookRunCreate | Create runbook runs | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskView | View summary-level information associated with a task | +| TenantView | View tenants | ## Certificate Manager {#DefaultPermissions-CertificateManager} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| CertificateCreate | Create certificates | -| CertificateDelete | Delete certificates | -| CertificateEdit | Edit certificates | +| Space Permission | Description | +| --------------------------- | ------------------------------- | +| CertificateCreate | Create certificates | +| CertificateDelete | Delete certificates | +| CertificateEdit | Edit certificates | | CertificateExportPrivateKey | Export certificate private-keys | -| CertificateView | View certificates | -| EnvironmentView | View environments | -| TenantView | View tenants | +| CertificateView | View certificates | +| EnvironmentView | View environments | +| TenantView | View tenants | ## Deployment Creator {#DefaultPermissions-DeploymentCreator} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| DeploymentCreate | Deploy releases to target environments | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectView | View the details of projects | -| ReleaseView | View a release of a project | -| RunbookRunCreate | Create runbook runs | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskView | View summary-level information associated with a task | -| TenantView | View tenants | +| Space Permission | Description | +| ---------------------- | ------------------------------------------------------------------ | +| DeploymentCreate | Deploy releases to target environments | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectView | View the details of projects | +| ReleaseView | View a release of a project | +| RunbookRunCreate | Create runbook runs | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskView | View summary-level information associated with a task | +| TenantView | View tenants | ## Environment Manager {#DefaultPermissions-EnvironmentManager} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| AccountCreate | Create accounts | -| AccountDelete | Delete accounts | -| AccountEdit | Edit accounts | -| AccountView | View accounts | -| CertificateView | View certificates | -| EnvironmentCreate | Create environments | -| EnvironmentDelete | Delete environments | -| EnvironmentEdit | Edit environments | -| EnvironmentView | View environments | -| MachineCreate | Create machines | -| MachineDelete | Delete machines | -| MachineEdit | Edit machines | -| MachinePolicyCreate | Create health check policies | -| MachinePolicyDelete | Delete health check policies | -| MachinePolicyEdit | Edit health check policies | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProxyCreate | Create proxies | -| ProxyDelete | Delete proxies | -| ProxyEdit | Edit proxies | -| ProxyView | View proxies | -| TaskCancel | Cancel server tasks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| WorkerEdit | Edit workers and worker pools | -| WorkerView | View the workers in worker pools | +| System Permission | Description | +| ----------------- | ----------- | +| TeamView | View teams | + +| Space Permission | Description | +| ------------------- | ----------------------------------------------------- | +| AccountCreate | Create accounts | +| AccountDelete | Delete accounts | +| AccountEdit | Edit accounts | +| AccountView | View accounts | +| CertificateView | View certificates | +| EnvironmentCreate | Create environments | +| EnvironmentDelete | Delete environments | +| EnvironmentEdit | Edit environments | +| EnvironmentView | View environments | +| MachineCreate | Create machines | +| MachineDelete | Delete machines | +| MachineEdit | Edit machines | +| MachinePolicyCreate | Create health check policies | +| MachinePolicyDelete | Delete health check policies | +| MachinePolicyEdit | Edit health check policies | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProxyCreate | Create proxies | +| ProxyDelete | Delete proxies | +| ProxyEdit | Edit proxies | +| ProxyView | View proxies | +| TaskCancel | Cancel server tasks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| WorkerEdit | Edit workers and worker pools | +| WorkerView | View the workers in worker pools | ## Environment Viewer {#DefaultPermissions-EnvironmentViewer} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| AccountView | View accounts | -| CertificateView | View certificates | -| EnvironmentView | View environments | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProxyView | View proxies | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| WorkerView | View the workers in worker pools | +| System Permission | Description | +| ----------------- | ----------- | +| TeamView | View teams | + +| Space Permission | Description | +| ----------------- | ----------------------------------------------------- | +| AccountView | View accounts | +| CertificateView | View certificates | +| EnvironmentView | View environments | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProxyView | View proxies | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| WorkerView | View the workers in worker pools | ## Insights Report Manager {#DefaultPermissions-InsightsReportManager} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| EnvironmentView | View environments | -| InsightsReportCreate | Create Insights reports | -| InsightsReportDelete | Delete Insights reports | -| InsightsReportEdit | Edit Insights reports | -| InsightsReportView | View Insights reports | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| TenantView | View tenants | +| Space Permission | Description | +| -------------------- | ------------------------------------------------------------------ | +| EnvironmentView | View environments | +| InsightsReportCreate | Create Insights reports | +| InsightsReportDelete | Delete Insights reports | +| InsightsReportEdit | Edit Insights reports | +| InsightsReportView | View Insights reports | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| TenantView | View tenants | ## Package Publisher {#DefaultPermissions-PackagePublisher} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| BuildInformationAdminister | Replace or delete build information | -| BuildInformationPush | Create/update build information | -| BuiltInFeedAdminister | Replace or delete packages in the built-in package repository | -| BuiltInFeedDownload | Retrieve the contents of packages in the built-in package repository | -| BuiltInFeedPush | Push new packages to the built-in package repository | -| FeedView | View package feeds and the packages in them | +| Space Permission | Description | +| -------------------------- | -------------------------------------------------------------------- | +| BuildInformationAdminister | Replace or delete build information | +| BuildInformationPush | Create/update build information | +| BuiltInFeedAdminister | Replace or delete packages in the built-in package repository | +| BuiltInFeedDownload | Retrieve the contents of packages in the built-in package repository | +| BuiltInFeedPush | Push new packages to the built-in package repository | +| FeedView | View package feeds and the packages in them | ## Project Contributor {#DefaultPermissions-ProjectContributor} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | -| UserRoleView | View other user's roles | -| UserView | View users | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ActionTemplateCreate | Create step templates | -| ActionTemplateDelete | Delete step templates | -| ActionTemplateEdit | Edit step templates | -| ActionTemplateView | View step templates | -| ArtifactCreate | Manually create artifacts | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| DefectReport | Block a release from progressing to the next lifecycle phase | -| DefectResolve | Unblock a release so it can progress to the next phase | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| FeedView | View package feeds and the packages in them | -| InterruptionView | View interruptions generated during deployments | +| System Permission | Description | +| ----------------- | ----------------------- | +| SshKnownHostsView | View SSH known hosts | +| TeamView | View teams | +| UserRoleView | View other user's roles | +| UserView | View users | + +| Space Permission | Description | +| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | +| ActionTemplateCreate | Create step templates | +| ActionTemplateDelete | Delete step templates | +| ActionTemplateEdit | Edit step templates | +| ActionTemplateView | View step templates | +| ArtifactCreate | Manually create artifacts | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| DefectReport | Block a release from progressing to the next lifecycle phase | +| DefectResolve | Unblock a release so it can progress to the next phase | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| FeedView | View package feeds and the packages in them | +| InterruptionView | View interruptions generated during deployments | | InterruptionViewSubmitResponsible | Take responsibility for and submit interruptions generated during deployments when the user is in a designated responsible team | -| LibraryVariableSetCreate | Create library variable sets | -| LibraryVariableSetDelete | Delete library variable sets | -| LibraryVariableSetEdit | Edit library variable sets | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProcessEdit | Edit the deployment process and channels associated with a project | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectEdit | Edit project details | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| ReleaseView | View a release of a project | -| RunbookEdit | Edit runbooks | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerCreate | Create triggers | -| TriggerDelete | Delete triggers | -| TriggerEdit | Edit triggers | -| TriggerView | View triggers | -| VariableEdit | Edit variables belonging to a project | -| VariableView | View variables belonging to a project or library variable set | +| LibraryVariableSetCreate | Create library variable sets | +| LibraryVariableSetDelete | Delete library variable sets | +| LibraryVariableSetEdit | Edit library variable sets | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProcessEdit | Edit the deployment process and channels associated with a project | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectEdit | Edit project details | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| ReleaseView | View a release of a project | +| RunbookEdit | Edit runbooks | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerCreate | Create triggers | +| TriggerDelete | Delete triggers | +| TriggerEdit | Edit triggers | +| TriggerView | View triggers | +| VariableEdit | Edit variables belonging to a project | +| VariableView | View variables belonging to a project or library variable set | ## Project Deployer {#DefaultPermissions-ProjectDeployer} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | -| UserRoleView | View other user's roles | -| UserView | View users | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ActionTemplateCreate | Create step templates | -| ActionTemplateDelete | Delete step templates | -| ActionTemplateEdit | Edit step templates | -| ActionTemplateView | View step templates | -| ArtifactCreate | Manually create artifacts | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| DefectReport | Block a release from progressing to the next lifecycle phase | -| DefectResolve | Unblock a release so it can progress to the next phase | -| DeploymentCreate | Deploy releases to target environments | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| FeedView | View package feeds and the packages in them | -| InterruptionSubmit | Take responsibility for and submit interruptions generated during deployments | -| InterruptionView | View interruptions generated during deployments | +| System Permission | Description | +| ----------------- | ----------------------- | +| TeamView | View teams | +| UserRoleView | View other user's roles | +| UserView | View users | + +| Space Permission | Description | +| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | +| ActionTemplateCreate | Create step templates | +| ActionTemplateDelete | Delete step templates | +| ActionTemplateEdit | Edit step templates | +| ActionTemplateView | View step templates | +| ArtifactCreate | Manually create artifacts | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| DefectReport | Block a release from progressing to the next lifecycle phase | +| DefectResolve | Unblock a release so it can progress to the next phase | +| DeploymentCreate | Deploy releases to target environments | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| FeedView | View package feeds and the packages in them | +| InterruptionSubmit | Take responsibility for and submit interruptions generated during deployments | +| InterruptionView | View interruptions generated during deployments | | InterruptionViewSubmitResponsible | Take responsibility for and submit interruptions generated during deployments when the user is in a designated responsible team | -| LibraryVariableSetCreate | Create library variable sets | -| LibraryVariableSetDelete | Delete library variable sets | -| LibraryVariableSetEdit | Edit library variable sets | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProcessEdit | Edit the deployment process and channels associated with a project | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectEdit | Edit project details | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| ReleaseView | View a release of a project | -| RunbookEdit | Edit runbooks | -| RunbookRunCreate | Create runbook runs | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskCancel | Cancel server tasks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerCreate | Create triggers | -| TriggerDelete | Delete triggers | -| TriggerEdit | Edit triggers | -| TriggerView | View triggers | -| VariableEdit | Edit variables belonging to a project | -| VariableView | View variables belonging to a project or library variable set | +| LibraryVariableSetCreate | Create library variable sets | +| LibraryVariableSetDelete | Delete library variable sets | +| LibraryVariableSetEdit | Edit library variable sets | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProcessEdit | Edit the deployment process and channels associated with a project | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectEdit | Edit project details | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| ReleaseView | View a release of a project | +| RunbookEdit | Edit runbooks | +| RunbookRunCreate | Create runbook runs | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskCancel | Cancel server tasks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerCreate | Create triggers | +| TriggerDelete | Delete triggers | +| TriggerEdit | Edit triggers | +| TriggerView | View triggers | +| VariableEdit | Edit variables belonging to a project | +| VariableView | View variables belonging to a project or library variable set | ## Project Initiator {#DefaultPermissions-ProjectInitiator} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | -| UserRoleView | View other user's roles | -| UserView | View users | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| DefectReport | Block a release from progressing to the next lifecycle phase | -| DefectResolve | Unblock a release so it can progress to the next phase | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| InterruptionView | View interruptions generated during deployments | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| MachinePolicyView | View health check policies | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectCreate | Create projects | -| ProjectDelete | Delete projects | -| ProjectEdit | Edit project details | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| ReleaseView | View a release of a project | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerView | View triggers | +| System Permission | Description | +| ----------------- | ----------------------- | +| SshKnownHostsView | View SSH known hosts | +| TeamView | View teams | +| UserRoleView | View other user's roles | +| UserView | View users | + +| Space Permission | Description | +| ---------------------- | ------------------------------------------------------------------ | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| DefectReport | Block a release from progressing to the next lifecycle phase | +| DefectResolve | Unblock a release so it can progress to the next phase | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| InterruptionView | View interruptions generated during deployments | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| MachinePolicyView | View health check policies | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectCreate | Create projects | +| ProjectDelete | Delete projects | +| ProjectEdit | Edit project details | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| ReleaseView | View a release of a project | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerView | View triggers | ## Project Lead {#DefaultPermissions-ProjectLead} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | -| UserRoleView | View other user's roles | -| UserView | View users | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ActionTemplateCreate | Create step templates | -| ActionTemplateDelete | Delete step templates | -| ActionTemplateEdit | Edit step templates | -| ActionTemplateView | View step templates | -| ArtifactCreate | Manually create artifacts | -| ArtifactDelete | Delete artifacts | -| ArtifactEdit | Edit the details describing artifacts | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| DefectReport | Block a release from progressing to the next lifecycle phase | -| DefectResolve | Unblock a release so it can progress to the next phase | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| FeedView | View package feeds and the packages in them | -| InterruptionView | View interruptions generated during deployments | +| System Permission | Description | +| ----------------- | ----------------------- | +| TeamView | View teams | +| UserRoleView | View other user's roles | +| UserView | View users | + +| Space Permission | Description | +| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | +| ActionTemplateCreate | Create step templates | +| ActionTemplateDelete | Delete step templates | +| ActionTemplateEdit | Edit step templates | +| ActionTemplateView | View step templates | +| ArtifactCreate | Manually create artifacts | +| ArtifactDelete | Delete artifacts | +| ArtifactEdit | Edit the details describing artifacts | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| DefectReport | Block a release from progressing to the next lifecycle phase | +| DefectResolve | Unblock a release so it can progress to the next phase | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| FeedView | View package feeds and the packages in them | +| InterruptionView | View interruptions generated during deployments | | InterruptionViewSubmitResponsible | Take responsibility for and submit interruptions generated during deployments when the user is in a designated responsible team | -| LibraryVariableSetCreate | Create library variable sets | -| LibraryVariableSetDelete | Delete library variable sets | -| LibraryVariableSetEdit | Edit library variable sets | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProcessEdit | Edit the deployment process and channels associated with a project | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectEdit | Edit project details | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| ReleaseCreate | Create a release for a project | -| ReleaseDelete | Delete a release of a project | -| ReleaseEdit | Edit a release of a project | -| ReleaseView | View a release of a project | -| RunbookEdit | Edit runbooks | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerCreate | Create triggers | -| TriggerDelete | Delete triggers | -| TriggerEdit | Edit triggers | -| TriggerView | View triggers | -| VariableEdit | Edit variables belonging to a project | -| VariableView | View variables belonging to a project or library variable set | +| LibraryVariableSetCreate | Create library variable sets | +| LibraryVariableSetDelete | Delete library variable sets | +| LibraryVariableSetEdit | Edit library variable sets | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProcessEdit | Edit the deployment process and channels associated with a project | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectEdit | Edit project details | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| ReleaseCreate | Create a release for a project | +| ReleaseDelete | Delete a release of a project | +| ReleaseEdit | Edit a release of a project | +| ReleaseView | View a release of a project | +| RunbookEdit | Edit runbooks | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerCreate | Create triggers | +| TriggerDelete | Delete triggers | +| TriggerEdit | Edit triggers | +| TriggerView | View triggers | +| VariableEdit | Edit variables belonging to a project | +| VariableView | View variables belonging to a project or library variable set | ## Project Viewer {#DefaultPermissions-ProjectViewer} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | -| UserRoleView | View other user's roles | -| UserView | View users | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| DeploymentView | View deployments | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| InterruptionView | View interruptions generated during deployments | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| MachinePolicyView | View health check policies | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| ReleaseView | View a release of a project | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerView | View triggers | +| System Permission | Description | +| ----------------- | ----------------------- | +| TeamView | View teams | +| UserRoleView | View other user's roles | +| UserView | View users | + +| Space Permission | Description | +| ---------------------- | ------------------------------------------------------------------ | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| DeploymentView | View deployments | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| InterruptionView | View interruptions generated during deployments | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| MachinePolicyView | View health check policies | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| ReleaseView | View a release of a project | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerView | View triggers | ## Release Creator {#DefaultPermissions-ReleaseCreator} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| EnvironmentView | View environments | -| FeedView | View package feeds and the packages in them | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectView | View the details of projects | -| ReleaseCreate | Create a release for a project | -| ReleaseView | View a release of a project | -| RunbookEdit | Edit runbooks | -| RunbookView | View runbooks | +| Space Permission | Description | +| ---------------- | ------------------------------------------------------------------ | +| EnvironmentView | View environments | +| FeedView | View package feeds and the packages in them | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectView | View the details of projects | +| ReleaseCreate | Create a release for a project | +| ReleaseView | View a release of a project | +| RunbookEdit | Edit runbooks | +| RunbookView | View runbooks | ## Runbook Consumer {#DefaultPermissions-RunbookConsumer} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| FeedView | View package feeds and the packages in them | -| InterruptionView | View interruptions generated during deployments | -| LibraryVariableSetView | View library variable sets | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| RunbookRunCreate | Create runbook runs | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerView | View triggers | +| Space Permission | Description | +| ---------------------- | --------------------------------------------------------- | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| FeedView | View package feeds and the packages in them | +| InterruptionView | View interruptions generated during deployments | +| LibraryVariableSetView | View library variable sets | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| RunbookRunCreate | Create runbook runs | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerView | View triggers | ## Runbook Producer {#DefaultPermissions-RunbookProducer} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| ActionTemplateCreate | Create step templates | -| ActionTemplateDelete | Delete step templates | -| ActionTemplateEdit | Edit step templates | -| ActionTemplateView | View step templates | -| ArtifactCreate | Manually create artifacts | -| ArtifactDelete | Delete artifacts | -| ArtifactEdit | Edit the details describing artifacts | -| ArtifactView | View the artifacts created manually and during deployment | -| CertificateView | View certificates | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| FeedView | View package feeds and the packages in them | -| InterruptionSubmit | Take responsibility for and submit interruptions generated during deployments | -| InterruptionView | View interruptions generated during deployments | +| Space Permission | Description | +| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | +| ActionTemplateCreate | Create step templates | +| ActionTemplateDelete | Delete step templates | +| ActionTemplateEdit | Edit step templates | +| ActionTemplateView | View step templates | +| ArtifactCreate | Manually create artifacts | +| ArtifactDelete | Delete artifacts | +| ArtifactEdit | Edit the details describing artifacts | +| ArtifactView | View the artifacts created manually and during deployment | +| CertificateView | View certificates | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| FeedView | View package feeds and the packages in them | +| InterruptionSubmit | Take responsibility for and submit interruptions generated during deployments | +| InterruptionView | View interruptions generated during deployments | | InterruptionViewSubmitResponsible | Take responsibility for and submit interruptions generated during deployments when the user is in a designated responsible team | -| LibraryVariableSetCreate | Create library variable sets | -| LibraryVariableSetDelete | Delete library variable sets | -| LibraryVariableSetEdit | Edit library variable sets | -| LibraryVariableSetView | View library variable sets | -| LifecycleView | View lifecycles | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProjectCreate | Create projects | -| ProjectDelete | Delete projects | -| ProjectEdit | Edit project details | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| RunbookEdit | Edit runbooks | -| RunbookRunCreate | Create runbook runs | -| RunbookRunDelete | Delete runbook runs | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| TaskCancel | Cancel server tasks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskView | View summary-level information associated with a task | -| TeamView | View teams | -| TenantView | View tenants | -| TriggerCreate | Create triggers | -| TriggerDelete | Delete triggers | -| TriggerEdit | Edit triggers | -| TriggerView | View triggers | -| VariableEdit | Edit variables belonging to a project | -| VariableView | View variables belonging to a project or library variable set | +| LibraryVariableSetCreate | Create library variable sets | +| LibraryVariableSetDelete | Delete library variable sets | +| LibraryVariableSetEdit | Edit library variable sets | +| LibraryVariableSetView | View library variable sets | +| LifecycleView | View lifecycles | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProjectCreate | Create projects | +| ProjectDelete | Delete projects | +| ProjectEdit | Edit project details | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| RunbookEdit | Edit runbooks | +| RunbookRunCreate | Create runbook runs | +| RunbookRunDelete | Delete runbook runs | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| TaskCancel | Cancel server tasks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskView | View summary-level information associated with a task | +| TeamView | View teams | +| TenantView | View tenants | +| TriggerCreate | Create triggers | +| TriggerDelete | Delete triggers | +| TriggerEdit | Edit triggers | +| TriggerView | View triggers | +| VariableEdit | Edit variables belonging to a project | +| VariableView | View variables belonging to a project or library variable set | ## Space Manager {#DefaultPermissions-SpaceManager} -| System Permission | Description | -| --------------------------- | ---------------------------------------- | -| TeamView | View teams | -| UserRoleView | View other user's roles | -| UserView | View users | - -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| AccountCreate | Create accounts | -| AccountDelete | Delete accounts | -| AccountEdit | Edit accounts | -| AccountView | View accounts | -| ActionTemplateCreate | Create step templates | -| ActionTemplateDelete | Delete step templates | -| ActionTemplateEdit | Edit step templates | -| ActionTemplateView | View step templates | -| ArtifactCreate | Manually create artifacts | -| ArtifactDelete | Delete artifacts | -| ArtifactEdit | Edit the details describing artifacts | -| ArtifactView | View the artifacts created manually and during deployment | -| BuildInformationAdminister | Replace or delete build information | -| BuildInformationPush | Create/update build information | -| BuiltInFeedAdminister | Replace or delete packages in the built-in package repository | -| BuiltInFeedDownload | Retrieve the contents of packages in the built-in package repository | -| BuiltInFeedPush | Push new packages to the built-in package repository | -| CertificateCreate | Create certificates | -| CertificateDelete | Delete certificates | -| CertificateEdit | Edit certificates | -| CertificateExportPrivateKey | Export certificate private-keys | -| CertificateView | View certificates | -| DefectReport | Block a release from progressing to the next lifecycle phase | -| DefectResolve | Unblock a release so it can progress to the next phase | -| DeploymentCreate | Deploy releases to target environments | -| DeploymentDelete | Delete deployments | -| DeploymentView | View deployments | -| EnvironmentCreate | Create environments | -| EnvironmentDelete | Delete environments | -| EnvironmentEdit | Edit environments | -| EnvironmentView | View environments | -| EventView | View Events, including access to the Audit screen | -| FeedEdit | Edit feeds | -| FeedView | View package feeds and the packages in them | -| GitCredentialEdit | Edit Git credentials | -| GitCredentialView | View Git credentials | -| InterruptionSubmit | Take responsibility for and submit interruptions generated during deployments | -| InterruptionView | View interruptions generated during deployments | +| System Permission | Description | +| ----------------------- | ------------------------------------- | +| SshKnownHostsAdminister | Add, edit, and remove SSH known hosts | +| SshKnownHostsView | View SSH known hosts | +| TeamView | View teams | +| UserRoleView | View other user's roles | +| UserView | View users | + +| Space Permission | Description | +| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | +| AccountCreate | Create accounts | +| AccountDelete | Delete accounts | +| AccountEdit | Edit accounts | +| AccountView | View accounts | +| ActionTemplateCreate | Create step templates | +| ActionTemplateDelete | Delete step templates | +| ActionTemplateEdit | Edit step templates | +| ActionTemplateView | View step templates | +| ArtifactCreate | Manually create artifacts | +| ArtifactDelete | Delete artifacts | +| ArtifactEdit | Edit the details describing artifacts | +| ArtifactView | View the artifacts created manually and during deployment | +| BuildInformationAdminister | Replace or delete build information | +| BuildInformationPush | Create/update build information | +| BuiltInFeedAdminister | Replace or delete packages in the built-in package repository | +| BuiltInFeedDownload | Retrieve the contents of packages in the built-in package repository | +| BuiltInFeedPush | Push new packages to the built-in package repository | +| CertificateCreate | Create certificates | +| CertificateDelete | Delete certificates | +| CertificateEdit | Edit certificates | +| CertificateExportPrivateKey | Export certificate private-keys | +| CertificateView | View certificates | +| DefectReport | Block a release from progressing to the next lifecycle phase | +| DefectResolve | Unblock a release so it can progress to the next phase | +| DeploymentCreate | Deploy releases to target environments | +| DeploymentDelete | Delete deployments | +| DeploymentView | View deployments | +| EnvironmentCreate | Create environments | +| EnvironmentDelete | Delete environments | +| EnvironmentEdit | Edit environments | +| EnvironmentView | View environments | +| EventView | View Events, including access to the Audit screen | +| FeedEdit | Edit feeds | +| FeedView | View package feeds and the packages in them | +| GitCredentialEdit | Edit Git credentials | +| GitCredentialView | View Git credentials | +| InterruptionSubmit | Take responsibility for and submit interruptions generated during deployments | +| InterruptionView | View interruptions generated during deployments | | InterruptionViewSubmitResponsible | Take responsibility for and submit interruptions generated during deployments when the user is in a designated responsible team | -| LibraryVariableSetCreate | Create library variable sets | -| LibraryVariableSetDelete | Delete library variable sets | -| LibraryVariableSetEdit | Edit library variable sets | -| LibraryVariableSetView | View library variable sets | -| LifecycleCreate | Create lifecycles | -| LifecycleDelete | Delete lifecycles | -| LifecycleEdit | Edit lifecycles | -| LifecycleView | View lifecycles | -| MachineCreate | Create machines | -| MachineDelete | Delete machines | -| MachineEdit | Edit machines | -| MachinePolicyCreate | Create health check policies | -| MachinePolicyDelete | Delete health check policies | -| MachinePolicyEdit | Edit health check policies | -| MachinePolicyView | View health check policies | -| MachineView | View machines | -| ProcessEdit | Edit the deployment process and channels associated with a project | -| ProcessView | View the deployment process and channels associated with a project | -| ProjectCreate | Create projects | -| ProjectDelete | Delete projects | -| ProjectEdit | Edit project details | -| ProjectGroupCreate | Create project groups | -| ProjectGroupDelete | Delete project groups | -| ProjectGroupEdit | Edit project groups | -| ProjectGroupView | View project groups | -| ProjectView | View the details of projects | -| ProxyCreate | Create proxies | -| ProxyDelete | Delete proxies | -| ProxyEdit | Edit proxies | -| ProxyView | View proxies | -| ReleaseCreate | Create a release for a project | -| ReleaseDelete | Delete a release of a project | -| ReleaseEdit | Edit a release of a project | -| ReleaseView | View a release of a project | -| RunbookEdit | Edit runbooks | -| RunbookRunCreate | Create runbook runs | -| RunbookRunDelete | Delete runbook runs | -| RunbookRunView | View runbook runs | -| RunbookView | View runbooks | -| SubscriptionCreate | Create subscriptions | -| SubscriptionDelete | Delete subscriptions | -| SubscriptionEdit | Edit subscriptions | -| SubscriptionView | View subscriptions | -| TagSetCreate | Create tag sets | -| TagSetDelete | Delete tag sets | -| TagSetEdit | Edit tag sets | -| TaskCancel | Cancel server tasks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskEdit | Edit server tasks | -| TaskView | View summary-level information associated with a task | -| TeamCreate | Create teams | -| TeamDelete | Delete teams | -| TeamEdit | Edit teams | -| TeamView | View teams | -| TenantCreate | Create tenants | -| TenantDelete | Delete tenants | -| TenantEdit | Edit tenants | -| TenantView | View tenants | -| TriggerCreate | Create triggers | -| TriggerDelete | Delete triggers | -| TriggerEdit | Edit triggers | -| TriggerView | View triggers | -| VariableEdit | Edit variables belonging to a project | -| VariableEditUnscoped | Edit non-environment scoped variables belonging to a project or library variable set | -| VariableView | View variables belonging to a project or library variable set | -| VariableViewUnscoped | View non-environment scoped variables belonging to a project or library variable set | -| WorkerEdit | Edit workers and worker pools | -| WorkerView | View the workers in worker pools | +| LibraryVariableSetCreate | Create library variable sets | +| LibraryVariableSetDelete | Delete library variable sets | +| LibraryVariableSetEdit | Edit library variable sets | +| LibraryVariableSetView | View library variable sets | +| LifecycleCreate | Create lifecycles | +| LifecycleDelete | Delete lifecycles | +| LifecycleEdit | Edit lifecycles | +| LifecycleView | View lifecycles | +| MachineCreate | Create machines | +| MachineDelete | Delete machines | +| MachineEdit | Edit machines | +| MachinePolicyCreate | Create health check policies | +| MachinePolicyDelete | Delete health check policies | +| MachinePolicyEdit | Edit health check policies | +| MachinePolicyView | View health check policies | +| MachineView | View machines | +| ProcessEdit | Edit the deployment process and channels associated with a project | +| ProcessView | View the deployment process and channels associated with a project | +| ProjectCreate | Create projects | +| ProjectDelete | Delete projects | +| ProjectEdit | Edit project details | +| ProjectGroupCreate | Create project groups | +| ProjectGroupDelete | Delete project groups | +| ProjectGroupEdit | Edit project groups | +| ProjectGroupView | View project groups | +| ProjectView | View the details of projects | +| ProxyCreate | Create proxies | +| ProxyDelete | Delete proxies | +| ProxyEdit | Edit proxies | +| ProxyView | View proxies | +| ReleaseCreate | Create a release for a project | +| ReleaseDelete | Delete a release of a project | +| ReleaseEdit | Edit a release of a project | +| ReleaseView | View a release of a project | +| RunbookEdit | Edit runbooks | +| RunbookRunCreate | Create runbook runs | +| RunbookRunDelete | Delete runbook runs | +| RunbookRunView | View runbook runs | +| RunbookView | View runbooks | +| SubscriptionCreate | Create subscriptions | +| SubscriptionDelete | Delete subscriptions | +| SubscriptionEdit | Edit subscriptions | +| SubscriptionView | View subscriptions | +| TagSetCreate | Create tag sets | +| TagSetDelete | Delete tag sets | +| TagSetEdit | Edit tag sets | +| TaskCancel | Cancel server tasks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskEdit | Edit server tasks | +| TaskView | View summary-level information associated with a task | +| TeamCreate | Create teams | +| TeamDelete | Delete teams | +| TeamEdit | Edit teams | +| TeamView | View teams | +| TenantCreate | Create tenants | +| TenantDelete | Delete tenants | +| TenantEdit | Edit tenants | +| TenantView | View tenants | +| TriggerCreate | Create triggers | +| TriggerDelete | Delete triggers | +| TriggerEdit | Edit triggers | +| TriggerView | View triggers | +| VariableEdit | Edit variables belonging to a project | +| VariableEditUnscoped | Edit non-environment scoped variables belonging to a project or library variable set | +| VariableView | View variables belonging to a project or library variable set | +| VariableViewUnscoped | View non-environment scoped variables belonging to a project or library variable set | +| WorkerEdit | Edit workers and worker pools | +| WorkerView | View the workers in worker pools | ## System Administrator {#DefaultPermissions-SystemAdministrator} -| System Permission | Description | -|----------------------|------------------------------------------------------------------------------------------------------------------------------------------| -| AdministerSystem | Perform system-level functions like configuring HTTP web hosting, the public URL, server nodes, maintenance mode, and server diagnostics | -| ConfigureServer | Configure server settings like Authentication, SMTP, and HTTP Security Headers | -| EventRetentionDelete | Delete archived event files | -| EventRetentionView | View/list archived event files | -| EventView | View Events, including access to the Audit screen | -| PlatformHubEdit | Edit Platform Hub configuration and resources | -| PlatformHubView | View Platform Hub configuration and resources | -| SpaceCreate | Create spaces | -| SpaceDelete | Delete spaces | -| SpaceEdit | Edit spaces | -| SpaceView | View spaces | -| TaskCancel | Cancel server tasks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskEdit | Edit server tasks | -| TaskView | View summary-level information associated with a task | -| TeamCreate | Create teams | -| TeamDelete | Delete teams | -| TeamEdit | Edit teams | -| TeamView | View teams | -| UserEdit | Edit users | -| UserInvite | Invite users to register accounts | -| UserRoleEdit | Edit user role definitions | -| UserRoleView | View other user's roles | -| UserView | View users | +| System Permission | Description | +| ----------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | +| AdministerSystem | Perform system-level functions like configuring HTTP web hosting, the public URL, server nodes, maintenance mode, and server diagnostics | +| ConfigureServer | Configure server settings like Authentication, SMTP, and HTTP Security Headers | +| EventRetentionDelete | Delete archived event files | +| EventRetentionView | View/list archived event files | +| EventView | View Events, including access to the Audit screen | +| PlatformHubEdit | Edit Platform Hub configuration and resources | +| PlatformHubView | View Platform Hub configuration and resources | +| SpaceCreate | Create spaces | +| SpaceDelete | Delete spaces | +| SpaceEdit | Edit spaces | +| SpaceView | View spaces | +| SshKnownHostsAdminister | Add, edit, and remove SSH known hosts | +| SshKnownHostsView | View SSH known hosts | +| TaskCancel | Cancel server tasks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskEdit | Edit server tasks | +| TaskView | View summary-level information associated with a task | +| TeamCreate | Create teams | +| TeamDelete | Delete teams | +| TeamEdit | Edit teams | +| TeamView | View teams | +| UserEdit | Edit users | +| UserInvite | Invite users to register accounts | +| UserRoleEdit | Edit user role definitions | +| UserRoleView | View other user's roles | +| UserView | View users | ## System Manager {#DefaultPermissions-SystemManager} -| System Permission | Description | -|----------------------|--------------------------------------------------------------------------------| -| ConfigureServer | Configure server settings like Authentication, SMTP, and HTTP Security Headers | -| EventRetentionDelete | Delete archived event files | -| EventRetentionView | View/list archived event files | -| EventView | View Events, including access to the Audit screen | -| PlatformHubEdit | Edit Platform Hub configuration and resources | -| PlatformHubView | View Platform Hub configuration and resources | -| SpaceCreate | Create spaces | -| SpaceDelete | Delete spaces | -| SpaceEdit | Edit spaces | -| SpaceView | View spaces | -| TaskCancel | Cancel server tasks | -| TaskCreate | Explicitly create (run) server tasks | -| TaskEdit | Edit server tasks | -| TaskView | View summary-level information associated with a task | -| TeamCreate | Create teams | -| TeamDelete | Delete teams | -| TeamEdit | Edit teams | -| TeamView | View teams | -| UserEdit | Edit users | -| UserInvite | Invite users to register accounts | -| UserRoleEdit | Edit user role definitions | -| UserRoleView | View other user's roles | -| UserView | View users | +| System Permission | Description | +| ----------------------- | ------------------------------------------------------------------------------ | +| ConfigureServer | Configure server settings like Authentication, SMTP, and HTTP Security Headers | +| EventRetentionDelete | Delete archived event files | +| EventRetentionView | View/list archived event files | +| EventView | View Events, including access to the Audit screen | +| PlatformHubEdit | Edit Platform Hub configuration and resources | +| PlatformHubView | View Platform Hub configuration and resources | +| SpaceCreate | Create spaces | +| SpaceDelete | Delete spaces | +| SpaceEdit | Edit spaces | +| SpaceView | View spaces | +| SshKnownHostsAdminister | Add, edit, and remove SSH known hosts | +| SshKnownHostsView | View SSH known hosts | +| TaskCancel | Cancel server tasks | +| TaskCreate | Explicitly create (run) server tasks | +| TaskEdit | Edit server tasks | +| TaskView | View summary-level information associated with a task | +| TeamCreate | Create teams | +| TeamDelete | Delete teams | +| TeamEdit | Edit teams | +| TeamView | View teams | +| UserEdit | Edit users | +| UserInvite | Invite users to register accounts | +| UserRoleEdit | Edit user role definitions | +| UserRoleView | View other user's roles | +| UserView | View users | ## Tenant Manager {#DefaultPermissions-TenantManager} -| Space Permission | Description | -| --------------------------- | ---------------------------------------- | -| TenantCreate | Create tenants | -| TenantDelete | Delete tenants | -| TenantEdit | Edit tenants | -| TenantView | View tenants | \ No newline at end of file +| Space Permission | Description | +| ---------------- | -------------- | +| TenantCreate | Create tenants | +| TenantDelete | Delete tenants | +| TenantEdit | Edit tenants | +| TenantView | View tenants |