RBAC (Role-Based Action Control)
RBAC in Venue.sh is a powerful yet easy-to-use feature that helps you manage access to resources and actions within the platform. It enables fine-grained control by assigning users predefined roles when they are added to teams.
Custom RBAC roles or permissions are not supported at this time.
Assigning Roles and Permissions
When an admin or editor adds a user to a team, they must assign the user one of the four predefined roles described below:
-
Admin - The admin role has the highest level of access. Admins can create, read, update, and delete all items in a Venue. Admin is the only role with permission to delete an organization and access billing information. Admins, along with editors, can also manage users within their organization.
-
Editor - Editors can create, read, update, and delete nearly all items in a Venue. Like admins, they can manage user roles and team settings, including inviting other users to the team.
-
Contributor - Contributors have the same broad read access as viewers. However, unlike viewers, they can import and manage their own entities and adjust team settings. Contributors do not have permission to manage user settings.
-
Viewer - The Viewer role provides read-only access across the organization. Viewers cannot create, update, or delete any items.
- Role-based dashboard view
- Your Venue dashboard and available actions will vary depending on your assigned role. For example, since users with the viewer role have no import permissions, import-related content does not appear on the viewer's dashboard.
- Onboarding steps for new users also vary based on assigned role.
Roles and Permissions Breakdown by Feature
| Feature | Admin | Editor | Contributor | Reader |
|---|---|---|---|---|
| Home (workspace) | Read | Read | Read | Read |
| Workspace - Manage | Create, Read, Update, Delete | Create, Read, Update, Delete | N/A | N/A |
| Catalog entities | Create, Read, Update, Delete | Create, Read, Update, Delete | Read | Read |
| Git connections | Create, Read, Update, Delete | Create, Read, Update, Delete | Read | Read |
| Plugins | Create, Read, Update | Create, Read, Update | Read | Read |
| Imports | Create, Read | Create, Read | Create, Read | N/A |
| Teams list | Create, Read, Update, Delete | Create, Read, Update, Delete | Read | Read |
| Team detail | Create, Read, Update, Delete | Create, Read, Update, Delete | N/A | N/A |
| Users | Create, Read, Update, Delete | Create, Read, Update, Delete | Read | Read |
| Account settings (profile) | Create, Read, Update, Delete | Create, Read, Update, Delete | Read, Update (personal info only) | Read, Update (personal info only) |
| Organization settings | Create, Read, Update, Delete | N/A | N/A | N/A |
| Scorecards | Create, Read, Update, Delete | Create, Read, Update, Delete | Read | Read |