Skip to main content

Built-in Groups

Groups help simplify user management by bundling users with similar access needs. Each group in Astran AlwaysReady® is associated with up to 10 policies, making permission assignments easy.

Group NameDescriptionLinked group
astran-adminFull administrative privileges across accounts, including kits and S3 management.astran-admin-user
astran-kit-creatorPermission to create kits, upload files, execute processes.astran-kit-creator-user
astran-standard-userRead-only access to kits, with some ability to upload data to checklists.astran-standard-user
astran-integrationPrimarily for automation and API integration tasks.astran-integration-user

Built-in groups can be easily assigned to users to grant appropriate levels of access.

astran-admin-user

The astran-admin-user group is linked to the AstranAdmin built-in policy. It provides full administrative access to all kits, S3 buckets, and IAM (authorization services). Users belonging to this group can manage and modify any resource within the account.

astran-kit-creator-user

The astran-kit-creator-user group allows users to create and modify kits and upload files to S3 buckets. However, Users belonging to this group alone are not permitted to delete any files or resources. This group is connected to the AstranKitCreator policy.

astran-standard-user

The astran-standard-user group provides read-only access to kits and S3 buckets, allowing users to view the contents and upload data to executed checklists. Deletion and modification of kits are not allowed for this group alone. This group is tied to the AstranStandardUser policy.

astran-integration-user

The astran-integration-user group is designed for integration tasks. Users belonging to this group alone can upload data to kits and buckets and manage API keys specifically for this group, but they cannot view or delete any content. This group is connected to the AstranIntegration policy.