❗️
UPDATE NEEDED
Currently, Identity and Access in Cloud Manager is natively enabled for ENTER INTEGRATED SERVICES. To learn about the experience for non-natively enabled services, see Identity and Access for non-natively enabled services.

Account

Role name	Role type	Included permissions	Role description
`account_admin`	Account access	`generate_linode_lish_token_remote`, `list_events` , `disable_profile_tfa` , `view_account_settings` , `cancel_account` , `view_invoice_item` , `rebuild_linode` , `restore_linode_backup` , `update_linode_config_profile_interface` , `create_profile_ssh_key` , `update_profile` , `view_firewall_device` , `reset_oauth_client_secret` , `list_linode_nodebalancers` , `view_linode_config_profile` , `list_account_logins` , `list_profile_pats` , `revoke_profile_app` , `view_user` , `view_profile_ssh_key` , `delete_firewall` , `reset_linode_disk_root_password` , `enable_managed` , `create_firewall_device` , `update_linode_firewalls` , `view_firewall` , `delete_profile_phone_number` , `boot_linode` , `update_oauth_client_thumbnail` , `create_linode_disk` , `list_profile_security_questions` , `view_event` , `mark_event_seen` , `view_linode_backup` , `create_profile_pat` , `list_billing_payments` , `enroll_beta_program` , `update_oauth_client` , `view_linode` , `create_oauth_client` , `is_account_admin` , `update_profile_pat` , `enable_profile_tfa` , `view_account` , `list_notifications` , `rescue_linode` , `list_user_grants` , `view_user_preferences` , `answer_profile_security_questions` , `update_user` , `list_linode_volumes` , `view_profile_device` , `view_billing_invoice` , `view_payment_method` , `view_linode_monthly_stats` , `delete_linode` , `list_firewall_rule_versions` , `list_profile_apps` , `view_profile_pat` , `list_profile_grants` , `create_service_transfer` , `list_enrolled_beta_programs` , `clone_linode_disk` , `view_linode_monthly_network_transfer_stats` , `cancel_service_transfer` , `update_linode` , `update_default_firewalls` , `view_oauth_client` , `acknowledge_account_agreement` , `list_payment_methods` , `view_linode_stats` , `update_linode_config_profile` , `list_firewall_rules` , `generate_linode_lish_token` , `list_oauth_clients` , `revoke_profile_device` , `view_billing_payment` , `view_region_available_service` , `cancel_linode_backups` , `list_available_services` , `view_firewall_rule_version` , `view_profile_security_question` , `verify_profile_phone_number` , `shutdown_linode` , `list_profile_ssh_keys` , `create_linode_config_profile` , `create_payment_method` , `delete_linode_config_profile` , `update_firewall_rules` , `view_profile` , `delete_oauth_client` , `create_linode_config_profile_interface` , `update_user_preferences` , `password_reset_linode` , `view_linode_config_profile_interface` , `set_default_payment_method` , `upgrade_linode` , `resize_linode` , `view_linode_disk` , `enable_linode_backups` , `view_linode_network_transfer` , `create_profile_tfa_secret` , `make_billing_payment` , `list_account_agreements` , `delete_profile_pat` , `list_invoice_items` , `list_profile_logins` , `view_enrolled_beta_program` , `view_service_transfer` , `view_oauth_client_thumbnail` , `create_user` , `view_account_login` , `create_linode` , `update_account_settings` , `update_profile_ssh_key` , `delete_payment_method` , `list_profile_devices` , `update_account` , `list_firewall_devices` , `delete_linode_disk` , `list_service_transfers` , `clone_linode` , `view_profile_app` , `list_maintenances` , `create_linode_backup_snapshot` , `list_linode_firewalls` , `list_billing_invoices` , `delete_firewall_device` , `apply_linode_firewalls` , `reorder_linode_config_profile_interfaces` , `reboot_linode` , `delete_profile_ssh_key` , `list_default_firewalls` , `create_promo_code` , `view_network_usage` , `delete_linode_config_profile_interface` , `migrate_linode` , `resize_linode_disk` , `update_firewall` , `send_profile_phone_number_verification_code` , `create_firewall` , `update_linode_disk` , `accept_service_transfer` , `update_user_grants` , `delete_user` , `view_profile_login`	Allows the user to list, view, create, update, and delete all entities in the account.
`account_viewer`	Account access	`list_events` , `view_account_settings` , `view_invoice_item` , `list_profile_ssh_keys` , `view_firewall_device` , `list_linode_nodebalancers` , `view_linode_config_profile` , `view_profile` , `list_account_logins` , `list_profile_pats` , `view_user` , `view_profile_ssh_key` , `view_linode_config_profile_interface` , `view_firewall` , `view_linode_disk` , `view_linode_network_transfer` , `list_profile_security_questions` , `view_event` , `mark_event_seen` , `list_account_agreements` , `view_linode_backup` , `list_invoice_items` , `list_profile_logins` , `list_billing_payments` , `view_enrolled_beta_program` , `view_service_transfer` , `view_linode` , `view_oauth_client_thumbnail` , `view_account_login` , `view_account` , `list_notifications` , `list_user_grants` , `list_profile_devices` , `view_user_preferences` , `list_linode_volumes` , `view_profile_device` , `view_billing_invoice` , `view_payment_method` , `view_linode_monthly_stats` , `list_firewall_devices` , `list_service_transfers` , `view_profile_app` , `list_firewall_rule_versions` , `list_maintenances` , `list_profile_apps` , `view_profile_pat` , `list_profile_grants` , `list_enrolled_beta_programs` , `list_linode_firewalls` , `list_billing_invoices` , `view_linode_monthly_network_transfer_stats` , `list_default_firewalls` , `view_oauth_client` , `list_payment_methods` , `view_network_usage` , `view_linode_stats` , `list_firewall_rules` , `list_oauth_clients` , `view_billing_payment` , `view_region_available_service` , `list_available_services` , `view_firewall_rule_version` , `view_profile_security_question` , `view_profile_login`	Allows the user to list and view all entities in the account.
`account_billing_admin`	Account access	`list_billing_invoices`, `view_invoice_item`, `make_billing_payment`, `create_promo_code`, `list_payment_methods`, `list_invoice_items`, `create_payment_method`, `delete_payment_method`, `list_billing_payments`, `view_billing_invoice`, `view_payment_method`, `view_billing_payment`, `set_default_payment_method`	Allows the user to list and view all payments, invoices, and payment methods in the account, as well as make payments, create promo codes, and create, update, and delete payment methods.
`account_billing_viewer`	Account access	`list_billing_invoices`, `list_billing_payments`, `view_invoice_item`, `view_billing_invoice`, `view_payment_method`, `view_billing_payment`, `list_payment_methods`, `list_invoice_items`	Allows the user to list and view all payments, invoices, and payment methods in the account.
`account_event_viewer`	Account access	`list_events`, `view_event`, `mark_event_seen`	Allows the user to list and view all events in the account.
`account_notification_viewer`	Account access	`list_notifications`	Allows the user to list notifications in the account.
`account_maintenance_viewer`	Account access	`list_maintenances`	Allows the user to list maintenances in the account.
`account_oauth_client_admin`	Account access	`list_oauth_clients`, `update_oauth_client`, `update_oauth_client_thumbnail`, `reset_oauth_client_secret`, `create_oauth_client`, `view_oauth_client_thumbnail`, `view_oauth_client`, `delete_oauth_client`	Allows the user to create, list, view, update, and delete all OAuth client configurations in the account.
`account_oauth_client_viewer`	Account access	`list_oauth_clients`, `view_oauth_client_thumbnail`, `view_oauth_client`	Allows the user to list and view all OAuth client configurations in the account.

Linode

Role name	Role type	Included permissions	Role description
`account_linode_creator`	Account access	`create_linode`	Allows the user to create Linodes in the account.
`account_linode_admin`	Account access	`generate_linode_lish_token_remote`, `rebuild_linode`, `create_linode`, `shutdown_linode`, `restore_linode_backup`, `update_linode_config_profile_interface`, `create_linode_config_profile`, `rescue_linode`, `delete_linode_config_profile`, `list_linode_volumes`, `list_linode_nodebalancers`, `view_linode_monthly_stats`, `view_linode_config_profile`, `delete_linode_disk`, `delete_linode`, `clone_linode`, `create_linode_config_profile_interface`, `password_reset_linode`, `view_linode_config_profile_interface`, `reset_linode_disk_root_password`, `upgrade_linode`, `resize_linode`, `update_linode_firewalls`, `create_linode_backup_snapshot`, `list_linode_firewalls`, `boot_linode`, `view_linode_disk`, `clone_linode_disk`, `view_linode_monthly_network_transfer_stats`, `enable_linode_backups`, `update_linode`, `view_linode_network_transfer`, `apply_linode_firewalls`, `reorder_linode_config_profile_interfaces`, `reboot_linode`, `create_linode_disk`, `view_linode_stats`, `update_linode_config_profile`, `view_linode_backup`, `migrate_linode`, `generate_linode_lish_token`, `view_linode`, `resize_linode_disk`, `update_linode_disk`, `cancel_linode_backups`	Allows the user to list, view, update, and delete all Linode instances in the account.
`linode_admin`	Entity access	`generate_linode_lish_token_remote`, `rebuild_linode`, `shutdown_linode`, `restore_linode_backup`, `update_linode_config_profile_interface`, `create_linode_config_profile`, `rescue_linode`, `delete_linode_config_profile`, `list_linode_volumes`, `list_linode_nodebalancers`, `view_linode_monthly_stats`, `view_linode_config_profile`, `delete_linode_disk`, `delete_linode`, `clone_linode`, `create_linode_config_profile_interface`, `password_reset_linode`, `view_linode_config_profile_interface`, `reset_linode_disk_root_password`, `upgrade_linode`, `resize_linode`, `update_linode_firewalls`, `create_linode_backup_snapshot`, `list_linode_firewalls`, `boot_linode`, `view_linode_disk`, `clone_linode_disk`, `view_linode_monthly_network_transfer_stats`, `enable_linode_backups`, `update_linode`, `view_linode_network_transfer`, `apply_linode_firewalls`, `reorder_linode_config_profile_interfaces`, `reboot_linode`, `create_linode_disk`, `view_linode_stats`, `update_linode_config_profile`, `view_linode_backup`, `delete_linode_config_profile_interface`, `migrate_linode`, `generate_linode_lish_token`, `view_linode`, `resize_linode_disk`, `update_linode_disk`, `cancel_linode_backups`	Allows the user to view, update, and delete Linode instances attached to this role, as well as create, list, view, update, and delete their backups, config profiles, and disks.
`linode_contributor`	Enitity access	`generate_linode_lish_token_remote`, `rebuild_linode`, `shutdown_linode`, `restore_linode_backup`, `update_linode_config_profile_interface`, `create_linode_config_profile`, `rescue_linode`, `list_linode_volumes`, `list_linode_nodebalancers`, `view_linode_monthly_stats`, `view_linode_config_profile`, `clone_linode`, `create_linode_config_profile_interface`, `password_reset_linode`, `view_linode_config_profile_interface`, `reset_linode_disk_root_password`, `upgrade_linode`, `resize_linode`, `update_linode_firewalls`, `create_linode_backup_snapshot`, `list_linode_firewalls`, `boot_linode`, `view_linode_disk`, `clone_linode_disk`, `view_linode_monthly_network_transfer_stats`, `enable_linode_backups`, `update_linode`, `view_linode_network_transfer`, `apply_linode_firewalls`, `reorder_linode_config_profile_interfaces`, `reboot_linode`, `create_linode_disk`, `view_linode_stats`, `update_linode_config_profile`, `view_linode_backup`, `migrate_linode`, `generate_linode_lish_token`, `view_linode`, `resize_linode_disk`, `update_linode_disk`	Allows the user to view and update Linode instances attached to this role, as well as create, list, view, and update their backups, config profiles, and disks.
`linode_viewer`	Entity access	`list_linode_firewalls`, `list_linode_volumes`, `view_linode_disk`, `view_linode`, `view_linode_monthly_network_transfer_stats`, `view_linode_network_transfer`, `list_linode_nodebalancers`, `view_linode_monthly_stats`, `view_linode_config_profile`, `view_linode_stats`, `view_linode_backup`, `view_linode_config_profile_interface`	Allows the user to view Linode instances attached to this role and their backups, config profiles, and disks.

Firewall

Role name	Role type	Included permissions	Role description
`account_firewall_creator`	Account access	`create_firewall`	Allows the user to create firewalls in the account
`account_firewall_admin`	Account access	`view_firewall`, `list_firewall_rules`, `view_firewall_device`, `update_firewall`, `delete_firewall_device`, `create_firewall`, `update_firewall_rules`, `list_firewall_devices`, `delete_firewall`, `view_firewall_rule_version`, `list_firewall_rule_versions`, `create_firewall_device`	Allows the user to list, view, update, and delete all firewall instances in the account.
`firewall_admin`	Entity access	`view_firewall`, `list_firewall_rules`, `view_firewall_device`, `update_firewall`, `delete_firewall_device`, `update_firewall_rules`, `list_firewall_devices`, `delete_firewall`, `view_firewall_rule_version`, `list_firewall_rule_versions`, `create_firewall_device`	Allows the user to view, update, and delete firewall instances in the account as well as view, create, and delete their devices and rules.
`firewall_viewer`	Enitity access	`view_firewall`, `list_firewall_rules`, `view_firewall_device`, `list_firewall_devices`, `view_firewall_rule_version`, `list_firewall_rule_versions`	Allows the user to view firewall instances attached to this role, as well as list and view their devices and rules.
`firewall_contributor`	Enitity access	`view_firewall`, `list_firewall_rules`, `view_firewall_device`, `update_firewall`, `update_firewall_rules`, `list_firewall_devices`, `view_firewall_rule_version`, `list_firewall_rule_versions`, `create_firewall_device`	Allows the user to view and update firewall instances attached to this role, as well as view their devices and view and update their rules.

Nodebalancer

Role name	Role type	Role description
`account_nodebalancer_creator`	Account access	Allows the user to create NodeBalancers in the account.
`nodebalancer_admin`	Entity access	Allows the user to view, update, and delete NodeBalancer instances attached to this role, as well as create, list, view, update, and delete their configs.
`nodebalancer_viewer`	Enitity access	Allows the user to view NodeBalancer instances attached to this role and their configs.

VPC

Role name	Role type	Role description
`account_vpc_creator`	Account access	Allows the user to create VPCs in the account.
`vpc_admin`	Entity access	Allows the user to view, update, and delete VPC instances attached to this role, as well as view, create, update, and delete their subnets.
`vpc_viewer`	Enitity access	Allows the user to view VPC instances attached to this role and their subnets.

Volumne

Role name	Role type	Role description
`account_volume_creator`	Account access	Allows the user to create Volumes in the account.
`volume_admin`	Entity access	Allows the user to view, update, attach, clone, detach, resize, and delete Volume instances attached to this role.
`volume_viewer`	Enitity access	Allows the user to view Volume instances attached to this role.

Image

Role name	Role type	Role description
`account_image_creator`	Account access	Allows the user to create Images in the account.
`image_admin`	Entity access	Allows the user to view, update, replicate, and delete Image instances attached to this role.
`image_viewer`	Enitity access	Allows the user to view Volume instances attached to this role.

LKE clusters

This service is not yet nativaly-enabled. To learn more about the experience, see Identity and Access for non-natively enabled services.

Role name	Role type	Included permissions	Role description
`account_lkecluster_creator`	Account access	N/A	Allows the user the same access as the legacy "Can add Kubernetes Clusters to this account ($)" general permission.
`lkecluster_admin`	Entity access	N/A	Allows the user the same access as the legacy Read-Write special permission for the LKE clusters attached to this role.
`lkecluster_viewer`	Enitity access	N/A	Allows the user the same access as the legacy Read-Only special permission for the LKE clusters attached to this role.

Domain

This service is not yet nativaly-enabled. To learn more about the experience, see Identity and Access for non-natively enabled services.

Role name	Role type	Included permissions	Role description
`account_domain_creator`	Account access	N/A	Allows the user the same access as the legacy "Can add Domains using the DNS Manager" general permission.
`domain_admin`	Entity access	N/A	Allows the user the same access as the legacy Read-Write special permission for the Domains attached to this role.
`domain_viewer`	Enitity access	N/A	Allows the user the same access as the legacy Read-Only special permission for the Domains attached to this role.

Stackscript

This service is not yet nativaly-enabled. To learn more about the experience, see Identity and Access for non-natively enabled services.

Role name	Role type	Included permissions	Role description
`account_stackscript_creator`	Account access	N/A	Allows the user the same access as the legacy "Can add Stackscripts under this account" general permission.
`stackscript_admin`	Entity access	N/A	Allows the user the same access as the legacy Read-Write special permission for the Stackscripts attached to this role.
`stackscript_viewer`	Enitity access	N/A	Allows the user the same access as the legacy Read-Only special permission for the Stackscripts attached to this role.

Database

This service is not yet nativaly-enabled. To learn more about the experience, see Identity and Access for non-natively enabled services.

Role name	Role type	Included permissions	Role description
`account_database_creator`	Account access	N/A	Allows the user the same access as the legacy "Can add Databases to this account ($)" general permission.
`database_admin`	Entity access	N/A	Allows the user the same access as the legacy Read-Write special permission for the Databases attached to this role.
`database_viewer`	Enitity access	N/A	Allows the user the same access as the legacy Read-Only special permission for the Databases attached to this role.

Longview

This service is not yet nativaly-enabled. To learn more about the experience, see Identity and Access for non-natively enabled services.

Role name	Role type	Included permissions	Role description
`account_longview_creator`	Account access	N/A	Allows the user the same access as the legacy "Can add Longview clients to this account" general permission.
`account_longview_subscription_admin`	Account access	N/A	Allows the user the same access as the legacy. "Can modify this account's Longview subscription ($)" general permission.
`longview_admin`	Entity access	N/A	Allows the user the same access as the legacy Read-Write special permission for the Longview clients attached to this role.
`longview_viewer`	Enitity access	N/A	Allows the user the same access as the legacy Read-Only special permission for the Longview clients attached to this role.

Available roles (Beta)

❗️
UPDATE NEEDED

Account

Linode

Firewall

Nodebalancer

VPC

Volumne

Image

LKE clusters

Domain

Stackscript

Database

Longview

❗️UPDATE NEEDED

Account

Linode

Firewall

Nodebalancer

VPC

Volumne

Image

LKE clusters

Domain

Stackscript

Database

Longview

❗️
UPDATE NEEDED