Permission Level

The permission level of a user determines the user's ability to add resources to the organization, edit those resources, or manage other users. You can delegate various levels of administrative permissions to users within your account, including Administrator, Database Administrator, Team Leader, and/or User. You do not need to have all administrative types set up.

Permission Level Descriptions

An Administrator has full administrative access to the entire organization. Only Administrators can create roles and grant access to datasources and servers.

An Auditor is a standard user account with the addition of read access to the administrative areas of the organization. Auditors can see all settings, logs, and entities (such as users, roles, and resources) within StrongDM, but they cannot add, remove, or modify them.

A Database Administrator can configure and manage resources (such as datasources, servers, clusters, clouds, and websites).

A Database Operator can configure, manage, and audit resources (such as datasources, servers, clusters, clouds, and websites). This permission level is similar to a Database Administrator but adds the ability to access all logs except for policy logs and activity logs.

A Team Leader can manage users within a particular role. This permission level is designed for managers who are in charge of a team but don't necessarily control the infrastructure they use. Team Leaders can invite new users exclusively to the role they manage, and those users inherit the same access as the Team Leader.

User is the default for any person invited to the account. Users can query and access the datasources and servers to which they have been granted access.

Another type of user is the non-SSO user, a user who has permission to log in to StrongDM with a username and password instead of SSO only.

Permission Level Summary

Action
Administrator
Auditor
Database Administrator
Database Operator
Team Leader
User

Access to assigned resources

Access dashboards

Audit account configuration

Audit activities and policy evaluations

Audit queries and replays

Grant administrative access

Ability to grant access to datasources, servers, clusters, clouds, and websites

Invite and suspend users

Manage user details

Manage service accounts, admin tokens, and API keys

Create roles and manage their access

Move users into and out of roles

Manage datasources, servers, clusters, clouds, and websites

Manage relays and gateways

Update account settings
