A permission allows a user to perform specific operations in a Cloud Platform organization or application. Permissions are grouped into roles. Roles are then assigned to team members. All the team members who have the same roles have the same permissions.
Acquia defines over 40 separate, grouped permissions, listed in the following Permissions list table. You can also view all the available permissions by opening the Roles page for an organization and viewing a role, as described in Working with roles and permissions.
Many permissions distinguish between production and non-production environments. You can allow team members to only work on non-production environments, or grant access to both production and non-production environments. For example, the Senior developer role includes the permissions to pull and deploy code in production and non-production environments, while the Developer role only grants these permissions for non-production environments.
Permissions in Cloud Platform don’t control actions users take on your Drupal website, such as:
- Creating content
- Enabling and configuring Drupal modules
- Adding or removing Drupal users
Use the Drupal permissions administration to control access to Drupal functions.
Permissions list
The following types of permissions are available to Cloud Platform users:
- Acquia Code Studio permissions
- Acquia Search permissions
- Administration permissions
- Cron permissions
- Database permissions
- Domain permissions
- Logs permissions
- Pipelines permissions
- SSH key permissions
- Search permissions
- Infrastructure administration permissions
- Support permissions
- Workflow permissions
Acquia Code Studio permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Administer Code Studio for an application | ✓ | ✓ |
Acquia Search permissions¶
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
Acquia Search with Solr 7 With this permission, you can create, update, and delete indexes and configuration sets within an application. | ✓ | ✓ |
Administration permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Access the Cloud Platform API This permission is not applicable to Cloud Platform API v2. | ✓ | ✓ |
| Access to legacy product keys This permission gives you access to legacy product keys. | ✓ | ✓ |
| Add application tags | ✓ | ✓ |
| Add or remove a user of a team This permission enables users to assign themselves any user’s role, including the Team Lead role. | ✓ | ✓ |
| Delete application tags | ✓ | ✓ |
| Edit Remote administration | ✓ | ✓ |
| View Remote administration | ✓ | ✓ |
Cron permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Modify cron tasks for non-production environments | ✓ | ✓ |
| Modify cron tasks for the production environment | ✓ | ✓ |
Database permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Add a database | ✓ | ✓ |
| Create database backups for non-production environments | ✓ | ✓ |
| Create database backups for the production environment | ✓ | ✓ |
| Download database backups for non-production environments | ✓ | ✓ |
| Download database backups for the production environment | ✓ | ✓ |
| Remove a database | ✓ | ✓ |
| Restore database backups for non-production environments | ✓ | ✓ |
| Restore database backups for the production environment | ✓ | ✓ |
| View database connection details (username, password, or hostname) | ✓ | ✓ |
Domain permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Add or remove SSL certificates for non-production environments | ✓ | ✓ |
| Add or remove SSL certificates for production environments | ✓ | ✓ |
| Add or remove domains for non-production environments | ✓ | ✓ |
| Add or remove domains for production environment | ✓ | ✓ |
Logs permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Administer log forwarding for non-production environments | ✓ | 𐄂 |
| Administer log forwarding for the production environment | ✓ | 𐄂 |
| Download logs for non-production environments | ✓ | ✓ |
| Download logs for the production environment | ✓ | ✓ |
Pipelines permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Execute Pipelines | ✓ | ✓ |
SSH key permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Add SSH key to Git repository | ✓ | ✓ |
| Add SSH key to non-production environments | ✓ | ✓ |
| Add SSH key to the production environment | ✓ | ✓ |
Infrastructure administration permissions¶
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Configure server | 𐄂 | ✓ |
| Reboot server | 𐄂 | ✓ |
| Resize server | 𐄂 | ✓ |
| Suspend server | 𐄂 | ✓ |
Support permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Create a Support ticket | ✓ | ✓ |
| Include as a collaborator on all tickets by default (Permission is assignable to no more than 20 users. Administrators have priority for inclusion.) | ✓ | ✓ |
| View and edit any Support tickets for a subscription | ✓ | ✓ |
Workflow permissions
| Permission | Cloud Platform Enterprise | Cloud Platform Professional |
|---|---|---|
| Add a CD environment | ✓ | 𐄂 |
| Clear caches for non-production environments | ✓ | ✓ |
| Clear caches for the production environment | ✓ | ✓ |
| Configure non-production environments | ✓ | ✓ |
| Configure production environment | ✓ | ✓ |
| Create and manage own remote IDEs | ✓ | ✓ |
| Delete a CD environment | ✓ | 𐄂 |
| Deploy code, files, or databases to the production environment | ✓ | ✓ |
| Managing CDN (provisioning/deprovisioning the CDN) for production environment | ✓ | ✓ |
| Managing CDN for non-production environment | ✓ | ✓ |
| Manage Cloud Actions on non-production environments | ✓ | ✓ |
| Manage Cloud Actions on production environments | ✓ | ✓ |
| Manage any Cloud IDEs | ✓ | ✓ |
| Manage environment variables on a non-production environment | ✓ | 𐄂 |
| Manage environment variables on a production environment | ✓ | 𐄂 |
| Move files from non-production environments | ✓ | ✓ |
| Move files from production environments | ✓ | ✓ |
| Move files to non-production environments | ✓ | ✓ |
| Move files to the production environment | ✓ | ✓ |
| Pull and deploy code, files, or databases to non-production environments Also grants the ability to enable or disable Live Development. | ✓ | ✓ |
| Pull files or databases from the production environment | ✓ | ✓ |
| View environment variables on a non-production environment | ✓ | 𐄂 |
| View environment variables on a production environment | ✓ | 𐄂 |
Cloud Platform API endpoints for permissions
The Cloud Platform API provides endpoints for permission management, including:
Deprecated permissions
Acquia deprecates permissions when the associated feature or API endpoint is deprecated or scheduled to be deprecated.