By design, the following default roles are automatically created for each tenancy and tenant admins can assign these roles to other users in their tenancy. These roles help manage access and permissions for different users and applications. Here’s a brief overview of each role:
IAM-Related Roles
These roles are related to the Identity and Access Management (IAM) system:
ewc-iam-tenant-admin: This role is for administrators who manage IAM. Users with this role can create, delete, and modify other users, assign roles, and eventually manage authentication clients and identity providers.
ewc-iam-user: This role is for regular users. Users with this role can log in to the IAM self-service portal and update their basic profile information.
EWC Services-Related Roles
These roles apply to the various applications integrated within the EWC. The specific features each role provides may vary depending on the application:
ewc-app-admin: This role is for users who need full administrative access to any integrated application. They can manage, deploy, and create or modify resources within the applications.
ewc-app-maintainer: This role is for users who have advanced permissions but not full administrative rights. They can deploy, create, and modify resources within integrated applications.
ewc-app-user: This role is for regular users who need access to integrated applications but do not require administrative or advanced maintenance permissions.