Project Roles

  • Capella Operational
      +
      Project roles are used to grant privileges to project collaborators.

      Each project collaborator is assigned one or more project roles that determine their privileges within the project. Project roles are separate from organization roles, which grant overall privileges to Couchbase Capella. Project roles control who can create cluster credentials and their level of access to cluster data.

      List of Project Roles

      The following table describes the available project roles and their privileges.

      Table 1. Project Roles
      Role Description

      Project Owner

      Provides complete cluster-management access. Users with this role can access data in any cluster in a project.

      A Project Owner has the following privileges:

      • Create and manage clusters

        • Edit cluster configurations and settings

        • Manage cluster services, including cluster scaling

        • Manage replications

        • Manage backups

        • Restore from backups

        • Configure allowed IP addresses

        • Create and manage buckets

      • Create and manage cluster credentials for all clusters in the project

      • Access data within any cluster in the project

      • Manage project collaborators and their roles

      • Delete the project

      A user with the Organization Owner role automatically has Project Owner privileges for all projects in the organization.

      Project Manager

      Provides access to management actions for all clusters in a project. This role can create and delete clusters but doesn’t provide access to data.

      A Project Manager has the following privileges for a project:

      • Create and manage clusters

        • Edit cluster configurations and settings

        • Manage cluster services, including cluster scaling

        • Configure allowed IP addresses

        • Create and manage buckets

      Project Viewer

      Provides read-only access to view all clusters in a project. This role doesn’t provide access to data.

      A Project Viewer has the following privileges for a project:

      • View all clusters in the project

        • View cluster activity, statistics, and logs

        • View cluster configuration details and settings

        • View allowed IP addresses

        • View buckets

        • View cluster credentials and their permissions

        • View cluster certificates

      • View cluster credentials for the clusters in the project

      • View members of the project and their roles

      • View project activity

      Cluster Data Reader

      Provides read-only access to view data within any cluster in a project. This role allows use of tools like the Query tab to read data but can’t modify or write data.

      A Cluster Data Reader has the following privileges for a project:

      • View all clusters in the project

        • View cluster activity, statistics, and logs

        • View cluster configuration details and settings

        • View allowed IP addresses

        • View cluster credentials and their permissions

        • View cluster certificates

      • View cluster credentials for the clusters in the project

      • View members of the project and their roles

      • View project activity

      • Read data within any cluster in the project

      Cluster Data Reader/Writer

      Provides read and write access to data within any cluster in a project.

      A Cluster Data Reader/Writer has the following privileges for a project:

      • View all clusters in the project

        • View cluster activity, statistics, and logs

        • View cluster configuration details and settings

        • View allowed IP addresses

        • View cluster credentials and their permissions

        • View cluster certificates

      • View cluster credentials for the clusters in the project

      • View members of the project and their roles

      • View project activity

      • Read and write data within any cluster in the project