Default Permissions

Default permissions can be set globally for all users for a product area, or for individual user groups within an area. By default, a product area's permissions are not enabled for any user or group, except for the admin user, which has all permissions for all role types granted. Use the Default Permissions page to set default permissions for the groups you create and for those included with the product.

Users added to a group inherit the group's default permissions.

Deployment Automation includes several role types mapped to product areas. Each role type has default roles with permissions that are appropriate for those roles. Groups added to a role inherit the role's permissions. For more information, see Role Configuration.

Note: Default permissions cannot be granted for system and UI security.

The permissions that are common to most product areas are shown in the following table.

Common Permissions table

Permission Description
Security Enables users to change an item's security settings. For example, a user with this permission for agents can determine which users can view, configure, and set security for them.
Write Enables users to add, change, and delete items. For example, a user with this permission for components can create a component.
Read Enables users to view an item, but not change it or create another of its type. For example, a user with this permission for agents can see agents within the user interface, but cannot modify them or create another unless granted additional permissions.
Execute Enables users to run processes associated with applications, components, environments, and resources. Users must also have read permission for an item before actually executing it.