platform/app/[:appId]/delete
When allowed, the holder will be allowed to delete the application(s) specified.
platform/app/create
When allowed, the holder will be allowed to create new applications.
platform/app/[:appId]/read
Grants the holder permission to view the application. Specifically, applications with read permission will be returned in the API call to list applications.
platform/app/[:appId]/airgap/create
Grants the holder permission to create airgap builds.
platform/app/[:appId]/branding/update
Grants the holder permission to create or update custom branding for he specified application(s). This grants the permission across all channels in the application, regardless of the permission to the specific channel.
platform/app/[:appId]/branding/delete
Grants the holder permission to remove custom branding from any channel in the specified application(s).
platform/app/[:appId]/branding/read
Grants the holder the ability to view the custom CSS for the application(s) specified.
platform/app/[:appId]/integration/list
Grants the holder the ability to list integrations for the specified application(s).
platform/app/[:appId]/image/list
Grants the holder the ability to list images stored in Replicated registry for the specified application(s).
platform/app/[:appId]/image/key/delete
Grants the holder the ability to Content Trust keys stored in Replicated registry for the specified application(s).
platform/app/[:appId]/externalregistry/list
Grants the holder the ability to list external docker registry fo the specified application(s).
platform/app/[:appId]/externalregistry/create
Grants the holder the ability to link a new external docker registry to the specified application(s).
platform/app/[:appId]/externalregistry/[:registryName]/update
Grants the holder the ability to edit the specified linked external docker registry in the specified application(s).
platform/app/[:appId]/externalregistry/[:registryName]/delete
Grants the holder the ability to delete the specified linked external docker registry in the specified application(s).
platform/app/[:appId]/channel/create
Grants the holder the ability to create a new channel in the specified application(s).
platform/app/[:appId]/channel/[:sequence]/archive
Grants the holder the ability the archive the specified channel(s) of the specified application(s).
platform/app/[:appId]/channel/[:sequence]/promote
Grants the holder the ability to promote a new release to the specified channel(s) of the specified application(s).
platform/app/[:appId]/channel/[:sequence]/update
Grants the holder permission to update the specified channel of the specified application(s).
platform/app/[:appId]/channel/[:sequence]/releases/read
Grants the holder permission to view the release history for the specified channel in the specified application(s).
platform/app/[:appId]/channel/[:sequence]/releases/update
Grants the holder permission to update the channel release in the channel specified of the application specified. This policy allows the holder to update the “Required”/“Optional” status, the release notes and the version number.
platform/app/[:appId]/channel/[:channelId]/read
platform/app/[:appId]/license/create
Grants the holder permission to create a new license in the specified application(s).
platform/app/[:appId]/license/[:licenseId]/archive
Grants the holder permission to archive the specified license (by ID) in the specified application(s).
platform/app/[:appId]/license/[:licenseId]/unarchive
Grants the holder permissions to unarchive the specified license (by ID) in the specified application(s).
platform/app/[:appId]/license/[:licenseId]/read
Grants the holder permission to view the license specified by ID. If this is denied, the licenses will not show up in search, CSV export or on the Vendor Portal.
platform/app/[:appId]/license/[:licenseId]/update
Grants the holder permission to edit the license specified (by ID) for the specified application(s).
platform/app/[:appId]/licensefields/create
Grants the holder permission to create new custom license fields in the specified application(s).
platform/app/[:appId]/licensefields/read
Grants the holder permission to read the license field information for the specified application(s).
platform/app/[:appId]/licensefields/update
Grants the holder poermission to update license fields in the specified application(s).
platform/app/[:appId]/licensefields/delete
Grants the holder permission to delete license fields from the specified application(s).
platform/app/[:appId]/release/create
Grants the holder permission to create a new release in the specified application(s).
platform/app/[:appId]/release/[:sequence]/update
Grants the holder permission to update the YAML saved in release sequence [:sequence] in the specified application(s). Once a release is promoted to a channel, it’s not editable by anyone.
platform/app/[:appId]/release/[:sequence]/read
Grants the holder permission to read the YAML release sequence [:sequence] in the specified application(s).
platform/app/[:appId]/release/[:sequence]/archive
Grants the holder permission to archive release sequence [:sequence] in the specified application(s).
platform/team/member/[:memberId]/read
Grants the holder permission to view the team member(s) information, specified by ID.
integration/catalog/list
Grants the holder permission to view the catalog events and triggers available for integrations.
team/integration/list
Grants the holder permission to view team’s integrations.
team/integration/create
Grants the holder permission to create an integration.
team/integration/[:integrationId]/delete
Grants the holder permission to delete specified integration(s).
team/integration/[:integrationId]/update
Grants the holder permission to update specified integration(s).
platform/team/member/invite
Grants the holder permission to invite additional people to the team.
platform/team/member/[:memberId]/delete
Grants the holder permission to delete the team member(s) specified by ID.
platform/team/member/[:memberId]/update
Grants the holder permission to update the team member(s) specified by ID.
platform/team/token/[:tokenName]/read
Grants the holder permission to view the API token(s) specified by name.
platform/team/token/create
Grants the holder permission to create new API tokens for the team.
platform/team/token/[:tokenName]/delete
Grants the holder permission to delete the token(s) identified by the names specified.
team/auditlog/read
Grants the holder permission to view the audit log for the team.
team/policy/read
Grants the holder permission to view RBAC policies for the team.
team/policy/update
Grants the holder permission to update RBAC policies for the team.
team/policy/delete
Grants the holder permission to delete RBAC policies for the team.
team/policy/create
Grants the holder permission to create RBAC policies for the team.
registry/namespace/:namespace/pull
Grants the holder permission to pull images from Replicated registry.
registry/namespace/:namespace/push
Grants the holder permission to push images into Replicated registry.
customer/list
Grants the holder the ability to see list of customers.
customer/[:customerId]/read
Grants the holder permission to view the customer information, specified by customer ID.
customer/create
Grants the holder permission to create a new customer.
customer/upload_avatar
Grants the holder permission to upload a avatar.
customer/[:customerId]/update
Grants the holder poermission to update customer informations, specified by customer ID.
customer/[:customerId]/delete
Grants the holder permission to remove customer.