By design, the following default roles are automatically created for each tenancy. These roles help manage access and permissions for different users and applications. Here’s a brief overview of each role:
IAM-Related Roles
These roles are related to the Identity and Access Management (IAM) system:
ewc-iam-tenant-admin: This role is for administrators who manage IAM. Users with this role can create, delete, and modify other users, assign roles, and eventually manage authentication clients and identity providers.
ewc-iam-user: This role is for regular users. Users with this role can log in to the IAM self-service portal and update their basic profile information.
EWC Services-Related Roles
These roles apply to the various applications integrated within the EWC. The specific features each role provides may vary depending on the application:
ewc-app-admin: This role is for users who need full administrative access to any integrated application. They can manage, deploy, and create or modify resources within the applications.
ewc-app-maintainer: This role is for users who have advanced permissions but not full administrative rights. They can deploy, create, and modify resources within integrated applications.
ewc-app-user: This role is for regular users who need access to integrated applications but do not require administrative or advanced maintenance permissions.