Role-Based Access Control (RBAC) Reference
Learn about the available permission levels within the Apono UI
Role-Based Access Control (RBAC) provides a structured approach to managing permissions within the Apono UI. By aligning access rights with specific job responsibilities, RBAC prevents unauthorized or conflicting administrative actions.
RBAC is especially powerful for enabling collaboration across multiple teams and professionals with different objectives. Each team member receives precisely the access they need to perform their specific tasks. At the same time, RBAC maintains overall system security and operational integrity.
Role Overview
You can assign any of the following roles to each user.
Admin
Full access to all features and functionalities
Usage: Only role authorized to create, delete, and assign roles to users
Power User
Access to most features except some user and account settings
Usage: Manages daily administrative tasks
Deployment
Permissions focused on infrastructure and deployment management
Usage: Ensures seamless deployment and infrastructure integrity
Viewer
Read-only access to reports and auditing functionalities
Usage: Monitors compliance and administrative activity without modifying resources
Grantee
(Portal UI only) Permissions focused on requesting and accessing resources Usage: Requests resources and connects to granted resources
Permissions
The following tables detail the permissions available to each role within the Apono UI.
Overview
Dashboard
View
✅
✅
✅
Right Sizing
Ensures your access flows grant the least-privileged access to users. Learn more.
View
✅
✅
✅
Filter
✅
✅
✅
Access Graph
Visualizes how access is granted to resources, whether JIT, via group membership or with standing access
View
✅
✅
✅
Filter
✅
✅
✅
Anomalies
Safeguards against potential risky access to your tools. Learn more.
View
✅
✅
✅
Filter
✅
✅
✅
JIT Protect
Assesses and remediated standing access to improve your cloud security posture. Learn more.
Explore
✅
✅
✅
Revoke Standing Access
✅
✅
Access Management
Access Flows
Enables creating automated, dynamic permission workflows that define access to sets of resources. Learn more.
View the access flow list
✅
✅
✅
Filter the access flow list
✅
✅
✅
Get an access flow
✅
✅
✅
Create an access flow
✅
✅
Edit an access flow
✅
✅
Enable an access flow
✅
✅
Disable an access flow
✅
✅
Delete an access flow
✅
✅
Bundles
Manages access to integrations, roles, and resources by grouping them together. Learn more.
View the bundles list
✅
✅
✅
Get a bundle
✅
✅
✅
Create a bundle
✅
✅
Edit a bundle
✅
✅
Delete a bundle
✅
✅
Environment
Integrations
View the integration list
✅
✅
✅
✅
Get an integration
✅
✅
✅
✅
View the catalog
✅
✅
✅
✅
Connect an integration
✅
✅
✅
Edit an integration
✅
✅
✅
Refresh an integration
✅
✅
✅
Delete an integration
✅
✅
✅
Connectors
View the connector list
✅
✅
✅
✅
Connect a connector
✅
✅
✅
Edit a connector
✅
✅
✅
Delete a connector
✅
✅
✅
Identities
Allows restricting resource access by creating specified, authenticated users or groups. Learn more.
View users
✅
✅
✅
Add a user
✅
Create a group
✅
✅
Edit a group
✅
✅
Delete a group
✅
✅
Inventory
Enables creating and managing queries of dynamic, reusable groups of resources. Learn more.
View the access scope list
✅
✅
✅
✅
Filter the access scope list
✅
✅
Create an access scope
✅
✅
Edit an access scope
✅
✅
Delete an access scope
✅
✅
Administration
Activity
View the activity list
✅
✅
✅
✅
Filter the activity list
✅
✅
✅
✅
Revoke access in drawer
✅
✅
Revoke all
✅
✅
Reports
View the report list
✅
✅
✅
Get a report
✅
✅
✅
Create a report
✅
✅
✅
Edit a report
✅
✅
✅
Export a report
✅
✅
✅
Schedule a report
✅
✅
✅
Delete a report
✅
✅
✅
Session Audit
View a session audit
✅
✅
✅
✅
Audit Log (Syslog)
Tracks system changes with a clear, chronological audit log for accountability and quick investigation.
View the audit log list
✅
✅
✅
✅
Filter the audit log list
✅
✅
✅
✅
Click the audit log drawer
✅
✅
✅
✅
Export the audit log
✅
✅
✅
✅
Webhooks
Sends Apono access request data to your internal systems with event-triggered HTTP messages. Learn more.
View the webhook list
✅
✅
✅
✅
View webhook history
✅
✅
✅
✅
Create a webhook
✅
✅
✅
Edit a webhook
✅
✅
✅
Enable a webhook
✅
✅
✅
Disable a webhook
✅
✅
✅
Delete a webhook
✅
✅
✅
Identity and Access Management (IAM) Administration
General (Settings)
View settings
✅
✅
✅
Manage settings
✅
✅
Profile
Edit profile (individual)
✅
✅
✅
✅
Privacy & Security
✅
✅
✅
✅
Account Details
View account details
✅
✅
✅
✅
Edit account details
✅
Users
View users list
✅
✅
✅
✅
Resend invitation email
✅
✅
✅
✅
Invite users
✅
Edit roles of users
✅
Log out user sessions
✅
Disable user
✅
Delete user
✅
Personal API Tokens
View API tokens
✅
✅
✅
✅
Create an API token
✅
✅
✅
✅
Delete an API token
✅
✅
✅
✅
Portal
Request access
✅
✅
✅
✅
✅
Access granted resources
✅
✅
✅
✅
✅
Last updated
Was this helpful?