5.3.7. Predefined Roles Available in Satellite
| Role | Permissions Provided by Role [a] |
|---|---|
| Access Insights Admin | Add and edit Insights rules. |
| Access Insights Viewer | View Insight reports. |
| Ansible Roles Manager | Play roles on hosts and host groups. View, destroy, and import Ansible roles. View, edit, create, destroy, and import Ansible variables. |
| Ansible Tower Inventory Reader | View facts, hosts, and host groups. |
| Bookmarks manager | Create, edit, and delete bookmarks. |
| Boot disk access | Download the boot disk. |
| Compliance manager | View, create, edit, and destroy SCAP content files, compliance policies, and tailoring files. View compliance reports. |
| Compliance viewer | View compliance reports. |
| Create ARF report | Create compliance reports. |
| Default role | The set of permissions that every user is granted, irrespective of any other roles. |
| Discovery Manager | View, provision, edit, and destroy discovered hosts and manage discovery rules. |
| Discovery Reader | View hosts and discovery rules. |
| Edit hosts | View, create, edit, destroy, and build hosts. |
| Edit partition tables | View, create, edit and destroy partition tables. |
| Manager | A role similar to administrator, but does not have permissions to edit global settings. In the Satellite web UI, global settings can be found under Administer > Settings. |
| Organization admin | An administrator role defined per organization. The role has no visibility into resources in other organizations. |
| Red Hat Access Logs | View the log viewer and the logs. |
| Remote Execution Manager | A role with full remote execution permissions, including modifying job templates. |
| Remote Execution User | Run remote execution jobs. |
| Site manager | A restrained version of the Manager role. |
| System admin |
Users with this role can create users and assign all roles to them. Therefore, ensure to give this role only to trusted users. |
| Tasks manager | View and edit Satellite tasks. |
| Tasks reader | A role that can only view Satellite tasks. |
| Viewer | A passive role that provides the ability to view the configuration of every element of the Satellite structure, logs, reports, and statistics. |
| View hosts | A role that can only view hosts. |
| Virt-who Manager | A role with full virt-who permissions. |
| Virt-who Reporter | Upload reports generated by virt-who to Satellite. It can be used if you configure virt-who manually and require a user role that has limited virt-who permissions. |
| Virt-who Viewer | View virt-who configurations. Users with this role can deploy virt-who instances using existing virt-who configurations. |
