Akuity Platform Custom Roles
Custom roles add support for Role Based Access Control (RBAC) for resources in the Akuity Platform (e.g. an Instance, or an Organization). Users can create and attach custom roles to API Keys to limit their access.
note
Support for custom roles on organization members is coming soon.
Managing Custom Roles
Only users with the Owner role in an organization can manage custom roles. They are read-only for everyone else.
You can create roles from the "API Keys" or "Members" tab in the organization settings page.
- Click on the "Manage Roles" label in table.
- Provide the name, description, and permissions of role. Then create the role.
- You can then use that role when creating an API key.
Available permissions
Here is a table of current permissions which can be used in a custom role
Resource | Get | Create | Update | Delete |
---|---|---|---|---|
Organization | ✅ | ❌ | ✅ | ✅ |
API Keys | ✅ | ✅ | ✅ | ✅ |
Audit Log | ✅ | ❌ | ❌ | ❌ |
Instance | ✅ | ✅ | ✅ | ✅ |
Cluster | ✅ | ✅ | ✅ | ✅ |
Kargo Instance | ✅ | ✅ | ✅ | ✅ |
SSO Configuration | ✅ | ✅ | ✅ | ✅ |
Billing | ✅ | ✅ | ✅ | ✅ |
Member Role | ❌ | ❌ | ✅ | ❌ |
OIDC Map | ✅ | ❌ | ✅ | ❌ |