Built-in Groups
Groups help simplify user management by bundling users with similar access needs. Each group in Astran Continuity Cloud is associated with a specific role, making permission assignments easy.
| Group Name | Description | Linked Role |
|---|---|---|
| iam-admin | Full control over identities managed in the built-in IdP. | N/A |
| default-admin | Full administrative privileges across accounts, including kits and S3 management. | astran-admin |
| default-kit-creator | Permission to create kits, upload files, execute processes. | astran-kit-creator |
| default-standard-user | Read-only access to kits, with some ability to upload data to checklists. | astran-standard-user |
| default-integration | Primarily for automation and API integration tasks. | astran-integration |
Built-in groups can be easily assigned to users to grant appropriate levels of access. These groups are associated with the built-in Continuity Cloud Portal Identity Provider configured in the platform and help in managing users efficiently. Each group is associated with specific roles to streamline access management.
iam-admin
The iam-admin group should not be deleted. It grants administrative privileges over the identities managed in the built-in Continuity Cloud Portal Identity Provider. Users in this group can manage all users and groups without any restrictions. Typically, user that belongs to this group are usually associated with the default-admin group too.
default-admin
The default-admin group grants administrative privileges over the account, allowing users to manage roles, policies, API keys, kits, and S3 buckets, objects and versions. This group is linked to the astran-admin role.
default-kit-creator
The default-kit-creator group allows users to create new continuity kits, upload files, and execute processes within the platform. However, users cannot delete files; only members of the default-admin group have that permission. This group is associated with the astran-kit-creator role.
default-standard-user
The default-standard-user group is assigned read-only access to continuity kits. Users can view and list kit's content, execute processes, and add data to executed checklists, but they cannot delete or modify kits. This group is linked to the astran-standard-user role.
default-integration
The default-integration group is designed for API integration purposes. Users in this group can create API keys and upload data, typically through automation, but they cannot view or delete any content. This group is associated with the astran-integration role.