Member Roles and Permissions

The predefined roles streamline administrative tasks by assigning specific permissions and restrictions to team members, ensuring operational efficiency and enhanced security.

Note - To change member role, seeManaging Members.

Roles

  • User

  • Admin

  • Manager

  • User Manager

  • Network Manager

  • Security Manager

  • Billing

Note - Admin and Billing roles and permissions are only for Perimeter 81 customers.

User

The User role allows access only to assigned applications and end-user features.

Permissions

Use the System: Access all features necessary for personal use of the platform.

Restrictions

  • Cannot manage or configure other users, networks, or system settings.

  • No visibility or access to other administrative areas within the system.

  • No access to Billing settings or activity logs.

  • Cannot modify Admin or Billing roles.

Admin

The Admin role allows full access to configure system settings, manage users, and assign roles across the platform.

Permissions

  • User Management: Full control over user roles and permissions.

  • Network Management: Full access to network configurations, including creation and modification of networks.

  • Billing Management: Access to billing information and subscription details.

  • System Configuration: Modify system settings and integrations.

  • Activity Logs: View all system activity logs.

Manager

The Manager role allows managing network, member, and application configurations, with restricted access to billing and administrative functions.

Permissions

  • User Management - Can manage user roles but cannot modify Admin or Billing roles.

  • Network Management - Full access to manage network configurations.

  • System Configuration - Modify application settings and user groupings.

  • Activity Logs - View network and user activity logs.

Restrictions

  • No access to Billing settings.

  • Cannot assign or modify Admin roles.

  • Limited access to administrative settings beyond network and member management.

User Manager

The User Manager role allows administrators to focus on managing members and device-related settings. This role is ideal for team members responsible for onboarding, monitoring, and managing user and device configurations.

Permissions

  • Access to Members and Devices interfaces: Full visibility and control over user and device-related settings.

  • User Management:

    • Invite and delete users.

    • Assign roles to users (except Admin and Billing roles).

  • Device Management:

    • Configure device posture settings.

    • Manage user configuration profiles.

  • Activity Logs: View logs related to Member Activity.

Restrictions

  • No visibility or access to other administrative areas within the system.

  • Cannot modify roles for Admin or Billing.

  • Limited access strictly to member and device management.

Network Manager

The Network Manager role grants team members the ability to manage network configurations, including creating, updating, and deleting networks. This role is ideal for team members responsible for maintaining network infrastructure.

Permissions

  • Network Management:

    • Access to all network management tools.

    • Create, modify, and delete networks, gateways, tunnels, and routes.

  • Activity Logs: View logs associated with network activity.

Restrictions

  • No access to other system management areas.

  • Limited visibility especially to the network related configurations.

Security Manager

The Security Manager role allows monitoring and managing security-related configurations and events across the platform, without access to user, network, or billing administration.

Permissions

  • Internet Access: Manage all Internet access settings.

  • Data Loss Prevention: Configure and monitor DLP policies.

  • Security Events: View and investigate security events.

  • Objects: Objects: Manage security objects such as Addresses and Custom URLs.

Restrictions

  • No access to User or Member management.

  • No access to Network configuration.

  • No access to system-wide administrative settings.

Billing

The Billing role allows to access financial and license related operations within the system.

Permissions

  • License Management: Allocate, revoke, and monitor licenses.

  • Billing Settings: Manage subscriptions, invoices, and payment methods.

Restrictions

  • No access to user management, network configuration, activity logs, or system settings.

  • No role assignment capabilities beyond license and billing scope.