Groups¶
A group is a collection of users. Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users.
Here are some characteristics of a group:
-
A group can contain many users. A user can belong to many groups.
-
Groups cannot be nested.
-
There is no default group that automatically includes all users. If you want to have a group like that, you need to create it and assign each new user to it.
Default Groups¶
The following groups are provided as defaults. These groups can be edited or deleted to suit your needs.
Note
To see the definition of default policies, view the Policies and Permissions page.
-
BasicAccess. This group provides login access and the ability for a user to manage their own account information (name, password, MFA, etc.). The following policies are attached to this group:
- AnyPathResourceReadOnly
- AppSettingsReadOnly
- GoldStandardReadOnly
- GraphQLIntrospectionAllow
- ProductTourAccess
- ProductTourIntroDatabaseFullAccess
- TokenRefreshAccess
- UserProfileAccess
-
Admins. This group provides full privileges to the application. The following policies are attached to this group:
- AdminFullAccess
-
Editor. This group provides read and write privileges for all test environments. The following policies are attached to this group:
- AllDatabaseFullAccess
- AnyPathResourceFullAccess
- DatabaseManagement
- TagManagement
-
ReadOnly. This group provides read access to all test environments. The following policies are attached to this group:
- AllDatabaseReadOnly
- ListDatabases
-
DatabaseManager. This group provides the ability to manage all environments. The following policies are attached to this group:
- DatabaseManagementFullAccess
-
ManageIAM. This group provides the ability to manage users and policies. The following policies are attached to this group:
- IAMFullAccess