Information for: DEVELOPERS   PARTNERS

About Cloud Platform permissions

A permission allows a user to perform specific operations in a Cloud Platform organization or application. Permissions are grouped into roles. Roles are then assigned to team members. All the team members who have the same roles have the same permissions.

Acquia defines over 40 separate, grouped permissions, listed in the following Permissions list table. You can also view all the available permissions by opening the Roles page for an organization and viewing a role, as described in Working with roles and permissions.

Many permissions distinguish between production and non-production environments. You can allow team members to only work on non-production environments, or grant access to both production and non-production environments. For example, the Senior developer role includes the permissions to pull and deploy code in production and non-production environments, while the Developer role only grants these permissions for non-production environments.

Permissions in Cloud Platform don’t control actions users take on your Drupal website, such as:

  • Creating content
  • Enabling and configuring Drupal modules
  • Adding or removing Drupal users

Use the Drupal permissions administration to control access to Drupal functions.

Notes for Site Factory subscribers

  • Site Factory subscribers must use the Site Factory domains functionality to add more domains to heir subscriptions. Domains added using the Cloud Platform user interface won’t work, and automated processes may delete them.
  • For more information about Cloud Platform permissions as part of an Site Factory subscription, see Configuring your Cloud Platform teams and permissions.

Permissions list

The following types of permissions are available to Cloud Platform users:

Administration permissions

Permission Cloud Platform Enterprise Cloud Platform Professional

Access the Cloud Platform API

(Required for Dev Desktop users. Not applicable for Cloud Platform API v2.)

yes yes
Add or remove a user of a team
This includes the ability to assign a user’s role, allowing a user with this permission give themselves any role, including Team Lead.
yes yes
Add application tags yes yes
Delete application tags yes yes
Edit Remote administration yes yes
View Remote administration yes yes

Cron permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Modify cron tasks for non-production environments yes yes
Modify cron tasks for the production environment yes yes

Database permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Add a database yes yes
Create database backups for non-production environments yes yes
Create database backups for the production environment yes yes
Download database backups for non-production environments yes yes
Download database backups for the production environment yes yes
Remove a database yes yes
Restore database backups for non-production environments yes yes
Restore database backups for the production environment yes yes
View database connection details (username, password, or hostname) yes yes

Domain permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Add or remove SSL certificates for non-production environments yes yes
Add or remove SSL certificates for production environments yes yes
Add or remove domains for non-production environments yes yes
Add or remove domains for production environment yes yes
Managing Platform CDN (provisioning/deprovisioning the CDN) for production environment yes yes
Managing Platform CDN for non-production environment yes yes

Insight permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Block Insight sites
Users with this permission can prevent applications from submitting data to Acquia Insight.
yes yes
Manage Insight alerts
Users with this permission can set Insight alerts to Ignore.
yes yes
Revoke Insight environment yes yes

Logs permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Administer log forwarding for non-production environments yes no
Administer log forwarding for the production environment yes no
Download logs for non-production environments yes yes
Download logs for the production environment yes yes

Pipelines permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Execute pipelines yes yes

SSH key permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Add SSH key to Git repository yes yes
Add SSH key to non-production environments yes yes
Add SSH key to the production environment yes yes

Search permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Edit the search schema on a subscription yes yes
Increase the search index limit on a subscription yes yes

Server administration permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Configure server no yes
Reboot server no yes
Resize server no yes
Suspend server no yes

Support permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Create a support ticket yes yes
Include as a collaborator on all tickets by default
(Permission is assignable to no more than 20 users. Administrators have priority for inclusion.)
yes yes
View and edit any support tickets for a subscription yes yes

Workflow permissions

Permission Cloud Platform Enterprise Cloud Platform Professional
Add an environment yes no
Clear caches for non-production environments yes yes
Clear caches for the production environment yes yes
Configure non-production environments yes yes
Configure production environment yes yes
Create and manage own remote IDEs yes yes
Delete an environment yes no
Deploy code, files, or databases to the production environment yes yes
Manage any remote IDEs yes yes
Manage environment variables on a non-production environment yes no
Manage environment variables on a production environment yes no
Move files from non-production environments yes yes
Move files from production environments yes yes
Move files to non-production environments yes yes
Move files to the production environment yes yes
Pull and deploy code, files, or databases to non-production environments
Also grants the ability to enable or disable Live Development.
yes yes
Pull files or databases from the production environment yes yes
View environment variables on a non-production environment yes no
View environment variables on a production environment yes no