The following table describes the available user roles and the assigned permissions for each role.
Role | Permissions |
Global Admin | Read and write privileges to all Bare Metal Orchestrator resources across all clusters, pods, servers, sites, hardware profiles, and so on. Can create, edit, and delete users. Can assign and edit user roles. Cannot create, edit, or delete clusters. |
Support Admin | Can perform backup operations. Can put Bare Metal Orchestrator in Maintenance mode. |
Operator | Read and write privileges on all Bare Metal Orchestrator resources this user can access across the cluster. |
Global Reader | Read-only access on all Bare Metal Orchestrator resources across all clusters, pods, servers, sites, hardware profiles, and so on. |
Note: If a user is assigned multiple roles, the role with highest privileges is applied. |