Global Permissions
This topic provides details about global permissions in Release.
What are permissions?
Permissions are specific rights that are provided to users to control their activity in Release. It basically controls a user's access to different parts of the Release application.
A user must have a role assigned and this role must have a permission assigned.
Release includes fine-grained access control to ensure the security of your releases. Global permissions apply across the entire Release system.
The Permissions page in Users and permissions settings is visible only to users with Admin or Edit Security global permissions.
The Permissions Page
Select Settings > Users and permissions > Permissions to view the Permissions page. By default, the Users page is displayed.
The following global permissions are available:
| Permission | Description |
|---|---|
| Admin | All permissions. |
| Login | Provides the capability to allow or restrict the users who can log in to the Digital.ai Release application. |
| Edit security | Access to the Roles and Permissions pages and permission to edit security on releases and templates. |
| Create template | Create a new template. Note: This permission also includes global triggers. |
| Create release | Create a release from any template. Additionally, see the Create Release template permission. |
| View Reports and Digital.ai Analytics | View global and analytics dashboards. |
| Audit data | Read-only permission for data access and view audit reports. This permission is tied to the Digital.ai Analytics Service User role. |
| Create Custom dashboards | Create, edit, or delete a custom dashboard. |
| Edit global variables | Edit global variables (available in Release 4.8.0 and later). |
| Create top level folders | Create folders. |
| Edit blackout periods | Create, edit, or delete a blackout period. |
| Edit risk profiles | Create, edit, or delete a risk profile. |
| Edit environments | Create, edit or delete an environment. Permission is required to create stages and create environment labels. |
| Edit applications | Create, edit, or delete an application. |
| Edit environment reservations | Access the scheduling pages, make a schedule, or reserve an environment. |
| Runner registration | Access ro register Runners. |
Assign Global Permissions
- In the Permissions page, you can view the permissions in the Action column and the assigned roles in Roles column.
- To assign a new permission to a role, enter a search text (alphabets or numbers matching the name of the role) in the Roles column to auto-populate the list of roles created.
- Select the relevant role from the list or press Enter. Multiple roles can be assigned to a permission.
- Click Save to apply your changes.
- Click Reset to discard your changes and reload the current settings from the server.
Filter Permissions and Roles
You can use the Action and Roles search boxes to filter your permissions and roles respectively. This filtering becomes very helpful when you have multiple number of permissions.
Folder, Template, and Release Permissions
In addition to global security, you can enforce security on the folder, template, and release level. For more information, see Configure release teams and permissions.
Login Permission
-
The Release role-based access control is equipped with a dedicated login permission to simplify the security configuration by allowing only users with a specific role to login to Release.
-
You no longer have to exclude OIDC or LDAP users using the user search filter.
-
To restrict login only to specific roles, you can assign the roles to the new Login permission.
-
If you don't have a role assigned to the Login permission, then you will see the following screen when you try to log in to the Release application.
