This topic describes the permissions for different roles.
Role permissions
The organization roles and their permissions for users logged in through the OceanBase website are different from those for users logged in through the Huawei Cloud Marketplace. To add or remove organization members for users logged in through the Huawei Cloud Marketplace, please go to Huawei Cloud Marketplace Buyer Center.
Role permissions for users logged in through the OceanBase official website
| Role |
Description |
| Organization Admin |
The owner of the organization and the role with the highest permissions in the organization. Each organization has only one organization admin. The permissions include:
- Managing members in the organization and editing the role types of organization members.
- Granting all kinds of operation permissions in other roles.
- All operation permissions of the billing admin.
- All operation permissions of the project admin.
|
| Organization Member |
Read-only permissions for the current organization. Can be invited to be the instance admin or project member. |
| Billing Admin |
Access and operation permissions for all features in the billing module, including the permissions to view bills, orders, payment details, and export related data. |
Role permissions for users logged in through the Huawei Cloud Marketplace
| Role |
Description |
| Organization Admin |
The owner of the organization and the role with the highest permissions in the organization. Each organization has only one organization admin. The permissions include:
|
| Organization Member |
Read-only permissions for the current organization. Can be invited to be the instance admin or project member. |
| Billing Admin |
Access and operation permissions for all features in the billing module, including the permissions to view bills, orders, payment details, and export related data. |
Role permissions in a project
| Module |
Feature |
Project owner |
Project admin |
Instance admin |
Data read/write |
Data services admin |
Project member |
| Project management |
Invite project admins |
Invite |
Invite (excluding project admins) |
View |
View |
View |
View |
| Cross-project bidirectional authorization |
Initiate/accept cross-project bidirectional authorization |
Initiate/accept |
View |
View |
View |
View |
View |
| Product payment |
Create instances |
Place order and pay |
Place order and pay |
View |
View |
Place order (only for data migration instances) |
View |
| Product payment |
Renew annual/montly instances |
Place order and pay |
Place order and pay |
View |
View |
Place order (only for data migration instances) |
View |
| Product payment |
Change instance specifications |
Place order and pay |
Place order and pay |
View |
View |
Place order (only for data migration instances) |
View |
| Instance management |
Pause/Start instances |
Edit |
Edit |
Edit |
View |
View |
View |
| Instance management |
Release existing instances |
Edit |
Edit |
Edit |
View |
View |
View |
| Instance management |
Manage proxy nodes |
Edit |
Edit |
Edit |
View |
View |
View |
| Tenant management |
Create tenants |
Edit |
Edit |
Edit |
View |
View |
View |
| Tenant management |
Change tenant specifications |
Edit |
Edit |
Edit |
View |
View |
View |
| Tenant management |
Create tenant connections |
Edit |
Edit |
Edit |
View |
View |
View |
| Tenant management |
Rename tenants |
Edit |
Edit |
Edit |
View |
View |
View |
| Tenant management |
Create accounts |
Edit |
Edit |
Edit |
View |
View |
View |
| Tenant management |
Create databases |
Edit |
Edit |
Edit |
View |
View |
View |
| Performance monitoring |
Create custom monitoring dashboards |
Edit |
Edit |
Edit |
View |
View |
View |
| Backup and restore |
All backup and restore features |
Edit |
Edit |
Edit |
View |
View |
View |
| Parameter management |
Modify parameters |
Edit |
Edit |
Edit |
View |
View |
View |
| Major compaction management |
Initiate major compactions |
Edit |
Edit |
Edit |
View |
View |
View |
| Major compaction management |
Modify major compaction time |
Edit |
Edit |
Edit |
View |
View |
View |
| Major compaction management |
View major compaction history |
View |
View |
View |
View |
View |
View |
| Diagnostics |
SQL diagnostics |
Edit |
Edit |
Edit |
View |
View |
View |
| Diagnostics |
Session management |
Edit |
Edit |
Edit |
View |
View |
View |
| Diagnostics |
SQL audit |
Edit |
Edit |
No permission |
Edit |
No permission |
No permission |
| Data import |
Import data |
Edit |
Edit |
View |
View |
Edit |
View |
| Alert management |
Configure alert rules |
Edit |
Edit |
Edit (instances, data lifecycle) |
View |
Edit (Data Services) |
View |
| Alert management |
Mute alert notifications |
Edit |
Edit |
Edit (instances, data lifecycle) |
View |
Edit (Data Services) |
View |
| Alert management |
Manage alert contacts |
Edit |
Edit |
Edit |
View |
View |
View |
| Binlog |
Configure Binlog |
Edit |
Edit |
Edit |
View |
View |
View |
| Data migration |
Assess compatibility |
Edit |
Edit |
View |
View |
Edit |
View |
| Data migration |
Migrate data |
Edit |
Edit |
View |
View |
Edit |
View |
| Data migration |
Assess performance |
Edit |
Edit |
View |
View |
Edit |
View |
| SQL Console |
SQL Console |
Edit |
Edit |
No permission |
Edit |
No permission |
No permission |
| Historical events |
Console operation audit |
View |
View |
View |
No permission |
No permission |
No permission |
| Data lifecycle management |
Archive data |
Edit |
Edit |
View |
View |
Edit |
View |
| Data lifecycle management |
Purge data |
Edit |
Edit |
View |
View |
Edit |
View |
| Data sources |
Manage data sources |
Edit |
Edit |
View |
View |
Edit |
View |
| Tutorials |
Try interactive tutorials |
Edit |
Edit |
Edit (features that can be edited by this role) |
Edit (features that can be edited by this role) |
Edit (features that can be edited by this role) |
View |
| Network configuration |
Add VPC peering |
Edit |
Edit |
Edit |
View |
View |
View |
| Integrations |
Configure external ecosystem accounts |
Edit |
Edit |
Edit |
Edit |
View |
View |
