Permissions in Stax

User permissions within Stax.

On This Page
Stax User Permissions

The below table provides a a list of Stax permissions for each Stax role.

KeyDescription
tickUser can perform this action
crossUser cannot perform this action

Stax User Permissions

ActionsAdminUserReadonlyCost & Compliance AdminDescription
accounts:CreateAccounttickcrosscrosscrossAllows the user to create an Account
accounts:CreateAccountTypetickcrosscrosscrossAllows the user to create an Account Type
accounts:DeleteAccountTypetickcrosscrosscrossAllows the user to delete an Account Type
accounts:DiscoverAccountstickcrosscrosscrossAllows the user to discover AWS Accounts associated with the Organization
accounts:OnboardAccountstickcrosscrosscrossAllows the user to onboard AWS Accounts associated with the Organization
accounts:ReadAccountTypestickticktickcrossAllows the user to view Account Types
accounts:ReadAccountsticktickticktickAllows the user to view Accounts
accounts:UpdateAccounttickcrosscrosscrossAllows the user to update an Account name, description and tags
accounts:UpdateAccountTypetickcrosscrosscrossAllows the user to update an Account Type
accounts:UpdateAccountTypeAccesstickcrosscrosscrossAllows the user to add an AWS role to an Account Type
account:UpdateAccountTypeMemberstickcrosscrosscrossAllows the user to move accounts between Account Types
account:UpdatePoliciestickcrosscrosscrossAllows the user to add or remove Policies from an Account Type
dashboard:ReadActivityFeedticktickticktickAllows the user to view the activity feed
events:CreateEventSourcetickcrosscrosscrossAllows the user to create an Event Source
events:DeleteEventSourcetickcrosscrosscrossAllows the user to delete an Event Source
events:ReadEventSourcesticktickticktickAllows the user to view an Event Source
events:UpdateEventSourcetickcrosscrosscrossAllows the user to update an Event Source
networking:CreateCIDRExclusiontickcrosscrosscrossAllows the user to create a CIDR Exclusion
networking:CreateCIDRRangetickcrosscrosscrossAllows the user to create a CIDR Range
networking:CreateDnsResolvertickcrosscrosscrossAllows the user to create a DNS Resolver
networking:CreateDnsRuletickcrosscrosscrossAllows the user to create a DNS Rule
networking:CreateDxAssociationtickcrosscrosscrossAllows the user to create a DX Association between a Stax Networking Hub or Stax VPC and a Stax DX Gateway
networking:CreateDxResourcetickcrosscrosscrossAllows the user to create a DX Resource, a DX Gateway and/or DX Vif
networking:CreateHubtickcrosscrosscrossAllows the user to create a Networking Hub
networking:CreateHubPrefixListtickcrosscrosscrossAllows the user to create a Networking Hub Prefix List
networking:CreateVPCticktickcrosscrossAllows the user to create a VPC
networking:CreateVPCPrefixListtickcrosscrosscrossAllows the user to create a VPC Prefix List
networking:CreateVpnConnectionticktickcrosscrossAllows the user to create a VPN Connection between a Stax Networking Hub or Stax VPC and a Stax VPN Customer Gateway
networking:CreateVpnCustomerGatewayticktickcrosscrossAllows the user to create a VPN Customer Gateway
networking:DeleteCIDRExclusiontickcrosscrosscrossAllows the user to delete a CIDR Exclusion
networking:DeleteCIDRRangetickcrosscrosscrossAllows the user to delete a CIDR Range
networking:DeleteDnsResolvertickcrosscrosscrossAllows the user to delete a DNS Resolver within a Stax Networking Hub
networking:DeleteDnsRuletickcrosscrosscrossAllows the user to delete a DNS Rule
networking:DeleteDxAssociationtickcrosscrosscrossAllows the user to delete a DX Association
networking:DeleteDxGatewaytickcrosscrosscrossAllows the user to delete a DX Gateway
networking:DeleteDxViftickcrosscrosscrossAllows the user to delete a DX Vif
networking:DeleteHubtickcrosscrosscrossAllows the user to delete a Networking Hub
networking:DeletePrefixListtickcrosscrosscrossAllows the user to delete a Prefix List
networking:DeleteVPCticktickcrosscrossAllows the user to delete a VPC
networking:DeleteVpnConnectionticktickcrosscrossAllows the user to delete a VPN Connection with a Stax VPN Customer Gateway
networking:DeleteVpnCustomerGatewayticktickcrosscrossAllows the user to delete a Stax VPN Customer Gateway
networking:ReadCIDRExclusionstickticktickcrossAllows the user to view CIDR Exclusions
networking:ReadCIDRRangetickticktickcrossAllows the user to view CIDR Ranges
networking:ReadDnsResolverstickticktickcrossAllows the user to view DNS Resolvers for a Stax Networking Hub
networking:ReadDnsRulestickticktickcrossAllows the user to view DNS Rules for Stax DNS Resolvers
networking:ReadDxAssociationstickticktickcrossAllows the user to view DX Associations
networking:ReadDxConnectionstickticktickcrossAllows the user to view DX Connections within Accounts
networking:ReadDxResourcestickticktickcrossAllows the user to view DX Gateways
networking:ReadDxVifStatustickticktickcrossAllows the user to view DX Vifs
networking:ReadHubstickticktickcrossAllows the user to view Networking Hubs
networking:ReadPrefixListtickticktickcrossAllows the user to view Prefix Lists
networking:ReadVPCstickticktickcrossAllows the user to view VPCs
networking:ReadVpnConnectionticktickcrosscrossAllows the user to view VPN Connections
networking:ReadVpnConnectionStatusticktickcrosscrossAllows the user to view the connectivity status of VPN Tunnels for VPN Connections
networking:ReadVpnCustomerGatewaysticktickcrosscrossAllows the user to view VPN Customer Gateways
networking:UpdateCIDRExclusiontickcrosscrosscrossAllows the user to update a CIDR Exclusion
networking:UpdateCIDRRangetickcrosscrosscrossAllows the user to update a CIDR Range
networking:UpdateDnsResolvertickcrosscrosscrossAllows the user to update a DNS Resolver
networking:UpdateDnsRuletickcrosscrosscrossAllows the user to update a DNS Rule
networking:UpdateDxAssociationtickcrosscrosscrossAllows the user to update a DX Association
networking:UpdateDxViftickcrosscrosscrossAllows the user to update a DX Vif
networking:UpdateHubtickcrosscrosscrossAllows the user to update a Networking Hub
networking:UpdateHubPrefixListAssociationtickcrosscrosscrossAllows the user to update a Networking Hub Prefix List Association
networking:UpdatePrefixListtickcrosscrosscrossAllows the user to update a Prefix List
networking:UpdateVPCticktickcrosscrossAllows the user to update a VPC
networking:UpdateVPCPrefixListAssociationtickcrosscrosscrossAllows the user to update a VPC Prefix List Association
networking:UpdateVpnConnectiontickcrosscrosscrossAllows the user to update a VPN Connection
networking:UpdateVpnCustomerGatewaytickcrosscrosscrossAllows the user to update a VPN Customer Gateway
organisations:AttachPolicytickcrosscrosscrossAllows the user to attach a Policy to an Organization
organisations:CreatePolicytickcrosscrosscrossAllows the user to create a Policy
organisations:DeletePolicytickcrosscrosscrossAllows the user to delete a Policy
organisations:DetachPolicytickcrosscrosscrossAllows the user to detach a Policy from an Organization
organisations:ReadOrganisationtickticktickcrossAllows the user to view their Organization details
organisations:ReadPoliciestickticktickcrossAllows the user to view Policies
organisations:UpdatePolicytickcrosscrosscrossAllows the user to update a Policy
permissionSets:CreateAssignmenttickcrosscrosscrossAllows the user to create an Assignment
permissionSets:CreatePermissionSettickcrosscrosscrossAllows the user to create a Permission Set
permissionSets:DeleteAssignmenttickcrosscrosscrossAllows the user to Delete an Assignment
permissionSets:ReadAssignmentsticktickticktickAllows the user to view Assignments
permissionSets:ReadPermissionSetsticktickticktickAllows the user to view Permission Sets
permissionSets:UpdateAssignmenttickcrosscrosscrossAllows the user to update an Assignment
permissionSets:UpdatePermissionSettickcrosscrosscrossAllows the user to update a Permission Set
support:AddCommentticktickcrosscrossAllows the user to add a comment to a support case
support:CreateCaseticktickcrosscrossAllows the user to create a support case
teams:CreateAPITokentickcrosscrosscrossAllows the user to create an API Token
teams:CreateGrouptickcrosscrosscrossAllows the user to create a Group
teams:CreateUsertickcrosscrosscrossAllows the user to invite a new team member
teams:DeleteAPITokentickcrosscrosscrossAllows the user to delete an API Token
teams:DeleteGrouptickcrosscrosscrossAllows the user to delete a Group
teams:DeleteUsertickcrosscrosscrossAllows the user to delete a team member
teams:ReadAPITokensticktickticktickAllows the user to view API Tokens
teams:ReadGroupsticktickticktickAllows the user to view Groups
teams:ReadUsersticktickticktickAllows the user to view all team members
teams:UpdateAPITokenstickcrosscrosscrossAllows the user to update an API Token
teams:UpdateGrouptickcrosscrosscrossAllows the user to update a Group
teams:UpdateGroupMemberstickcrosscrosscrossAllows the user to add a Group member
teams:UpdateUsertickcrosscrosscrossAllows the user to update a team member's details or deactivate/activate them
teams:UpdateUserPasswordticktickticktickAllows the user to request a password reset
workloads:CreateCatalogueItemtickcrosscrosscrossAllows the user to create a Workload Catalogue Item
workloads:CreateCatalogueVersiontickcrosscrosscrossAllows the user to create a Workload Catalogue Version within a Workload Catalogue Item
workloads:CreateWorkloadticktickcrosscrossAllows the user to deploy a Workload
workloads:DeleteCatalogueItemtickcrosscrosscrossAllows the user to delete a Workload Catalogue Item
workloads:DeleteCatalogueVersiontickcrosscrosscrossAllows the user to delete a Workload Catalogue Version
workloads:DeleteWorkloadticktickcrosscrossAllows the user to deactivate a Workload
workloads:ReadCatalogueItemsticktickticktickAllows the user to view the Workload Catalogue
workloads:ReadWorkloadsticktickticktickAllows the user to view active Workloads
workloads:UpdateWorkloadticktickcrosscrossAllows the user to update an active Workload