diff --git a/content/rancher/v2.x/en/admin-settings/rbac/global-permissions/_index.md b/content/rancher/v2.x/en/admin-settings/rbac/global-permissions/_index.md index 123a11ea5e1..036abcc3181 100644 --- a/content/rancher/v2.x/en/admin-settings/rbac/global-permissions/_index.md +++ b/content/rancher/v2.x/en/admin-settings/rbac/global-permissions/_index.md @@ -5,12 +5,14 @@ weight: 1126 _Permissions_ are individual access rights that you can assign when selecting a custom permission for a user. -Global Permissions define user authorization outside the scope of any particular cluster. Out-of-the-box, there are two default global permissions: `Administrator` and `Standard User`. +Global Permissions define user authorization outside the scope of any particular cluster. Out-of-the-box, there are three default global permissions: `Administrator`, `Standard User` and `User-base`. - **Administrator:** These users have full control over the entire Rancher system and all clusters within it. - **Standard User:** These users can create new clusters and use them. Standard users can also assign other users permissions to their clusters. +- **User-Base:** User-Base users have login-access only. + You cannot update or delete the built-in Global Permissions. This section covers the following topics: @@ -63,22 +65,22 @@ Administrators can enforce custom global permissions in multiple ways: ### Custom Global Permissions Reference -The following table lists each custom global permission available and whether it is included in the default global permissions, `Administrator` and `Standard User`. +The following table lists each custom global permission available and whether it is included in the default global permissions, `Administrator`, `Standard User` and `User-Base`. -| Custom Global Permission | Administrator | Standard User | -| ---------------------------------- | ------------- | ------------- | -| Create Clusters | ✓ | ✓ | -| Create RKE Templates | ✓ | ✓ | -| Manage Authentication | ✓ | | -| Manage Catalogs | ✓ | | -| Manage Cluster Drivers | ✓ | | -| Manage Node Drivers | ✓ | | -| Manage PodSecurityPolicy Templates | ✓ | | -| Manage Roles | ✓ | | -| Manage Settings | ✓ | | -| Manage Users | ✓ | | -| Use Catalog Templates | ✓ | ✓ | -| User Base\* (Basic log-in access) | ✓ | ✓ | +| Custom Global Permission | Administrator | Standard User | User-Base | +| ---------------------------------- | ------------- | ------------- |-----------| +| Create Clusters | ✓ | ✓ | | +| Create RKE Templates | ✓ | ✓ | | +| Manage Authentication | ✓ | | | +| Manage Catalogs | ✓ | | | +| Manage Cluster Drivers | ✓ | | | +| Manage Node Drivers | ✓ | | | +| Manage PodSecurityPolicy Templates | ✓ | | | +| Manage Roles | ✓ | | | +| Manage Settings | ✓ | | | +| Manage Users | ✓ | | | +| Use Catalog Templates | ✓ | ✓ | | +| User Base\* (Basic log-in access) | ✓ | ✓ | | > \*This role has two names: > @@ -169,4 +171,4 @@ To refresh group memberships, 1. From the **Global** view, click **Security > Users.** 1. Click **Refresh Group Memberships.** -**Result:** Any changes to the group members' permissions will take effect. \ No newline at end of file +**Result:** Any changes to the group members' permissions will take effect.