User permissions

Default and custom roles allow admins to manage unique permissions for users based on your organization and database requirements.

You can manage roles using the Astra Portal or the DevOps API.

Astra Streaming Organization permissions

Console name	Description	DevOps API parameter
Read Audits	Enables read and download audits.	org-audits-read
Write IP Access List	Create or modify an access list using the DevOps API or the Astra console.	accesslist-write
Delete Custom Role	Delete of custom role.	org-role-delete
Manage Streaming	Create a Streaming Service using the DevOps API or the Astra console.	org-stream-manage
Write Organization	Create new organizations or delete an existing organization. Hides manage org and org settings.	org-write
Read Billing	Enables links and access to billing details page.	org-billing-read
Read IP Access List	Enables links and access to access list page.	accesslist-read
Read User	Access to viewing users of an organization.	org-user-read
Read Organization	View organization in the Astra console.	org-read
Read Custom Role	See a custom role and its associated permissions.	org-role-read
Read External Auth	See security settings related to external authentication providers.	org-external-auth-read
Read Token	Read token details.	org-token-read
Delete Custom Role	Delete of custom role.	org-role-delete
Notification Write	Enable or disable notifications in organization notification settings.	org-notification-write
Write Billing	Enables links and ability to add or edit billing payment info.	org-billing-write
Write User	Add, create, or remove a user using the DevOps API or the Astra console.	org-user-write
Write Custom Role	Create custom role.	org-role-write
Write External Auth	Update security settings related to external auth providers.	org-external-auth-write
Write Token	Create application token.	org-token-write

Console name

Description

DevOps API parameter

Read Audits

Enables read and download audits.

org-audits-read

Write IP Access List

Create or modify an access list using the DevOps API or the Astra console.

accesslist-write

Delete Custom Role

Delete of custom role.

org-role-delete

Manage Streaming

Create a Streaming Service using the DevOps API or the Astra console.

org-stream-manage

Write Organization

Create new organizations or delete an existing organization. Hides manage org and org settings.

org-write

Read Billing

Enables links and access to billing details page.

org-billing-read

Read IP Access List

Enables links and access to access list page.

accesslist-read

Read User

Access to viewing users of an organization.

org-user-read

Read Organization

View organization in the Astra console.

org-read

Read Custom Role

See a custom role and its associated permissions.

org-role-read

Read External Auth

See security settings related to external authentication providers.

org-external-auth-read

Read Token

Read token details.

org-token-read

Delete Custom Role

Delete of custom role.

org-role-delete

Notification Write

Enable or disable notifications in organization notification settings.

org-notification-write

Write Billing

Enables links and ability to add or edit billing payment info.

org-billing-write

Write User

Add, create, or remove a user using the DevOps API or the Astra console.

org-user-write

Write Custom Role

Create custom role.

org-role-write

Write External Auth

Update security settings related to external auth providers.

org-external-auth-write

Write Token

Create application token.

org-token-write

Astra DB Permissions

For documentation about Astra DB user permissions, see Astra DB User Permissions.