Stax Roles - Stax Permissions

User permissions within Stax

On This Page
Stax User Permissions

The below table provides a a list of Stax permissions for each Stax role.

KeyDescription
tickUser can perform this action
crossUser cannot perform this action

Stax User Permissions

ActionsRootAdminUserReadonlyDescription
accounts:CreateAccountticktickcrosscrossAllows the user to create an Account
accounts:CreateAccountTypeticktickcrosscrossAllows the user to create an Account Type
accounts:DeleteAccountTypeticktickcrosscrossAllows the user to delete an Account Type
accounts:DiscoverAccountsticktickcrosscrossAllows the user to discover AWS Accounts associated with the Organization
accounts:OnboardAccountsticktickcrosscrossAllows the user to onboard AWS Accounts associated with the Organization
accounts:ReadAccountTypesticktickticktickAllows the user to view Account Types
accounts:ReadAccountsticktickticktickAllows the user to view Accounts
accounts:UpdateAccountticktickcrosscrossAllows the user to update an Account name, description and tags
accounts:UpdateAccountTypeticktickcrosscrossAllows the user to update an Account Type
accounts:UpdateAccountTypeAccessticktickcrosscrossAllows the user to add an AWS role to an Account Type
account:UpdateAccountTypeMembersticktickcrosscrossAllows the user to move accounts between Account Types
account:UpdatePoliciesticktickcrosscrossAllows the user to add or remove Policies from an Account Type
dashboard:ReadActivityFeedticktickticktickAllows the user to view the activity feed
networking:CreateCIDRExclusionticktickcrosscrossAllows the user to create a CIDR Exclusion
networking:CreateCIDRRangeticktickcrosscrossAllows the user to create a CIDR Range
networking:CreateDnsResolverticktickcrosscrossAllows the user to create a DNS Resolver
networking:CreateDnsRuleticktickcrosscrossAllows the user to create a DNS Rule
networking:CreateDxAssociationticktickcrosscrossAllows the user to create a DX Association between a Stax Networking Hub or Stax VPC and a Stax DX Gateway
networking:CreateDxResourceticktickcrosscrossAllows the user to create a DX Resource, a DX Gateway and/or DX Vif
networking:CreateHubticktickcrosscrossAllows the user to create a Networking Hub
networking:CreateVPCtickticktickcrossAllows the user to create a VPC
networking:CreateVpnConnectiontickticktickcrossAllows the user to create a VPN Connection between a Stax Networking Hub or Stax VPC and a Stax VPN Customer Gateway
networking:CreateVpnCustomerGatewaytickticktickcrossAllows the user to create a VPN Customer Gateway
networking:DeleteCIDRExclusionticktickcrosscrossAllows the user to delete a CIDR Exclusion
networking:DeleteCIDRRangeticktickcrosscrossAllows the user to delete a CIDR Range
networking:DeleteDnsResolverticktickcrosscrossAllows the user to delete a DNS Resolver within a Stax Networking Hub
networking:DeleteDnsRuleticktickcrosscrossAllows the user to delete a DNS Rule
networking:DeleteDxAssociationticktickcrosscrossAllows the user to delete a DX Association
networking:DeleteDxGatewayticktickcrosscrossAllows the user to delete a DX Gateway
networking:DeleteDxVifticktickcrosscrossAllows the user to delete a DX Vif
networking:DeleteHubticktickcrosscrossAllows the user to delete a Networking Hub
networking:DeleteVPCtickticktickcrossAllows the user to delete a VPC
networking:DeleteVpnConnectiontickticktickcrossAllows the user to delete a VPN Connection with a Stax VPN Customer Gateway
networking:DeleteVpnCustomerGatewaytickticktickcrossAllows the user to delete a Stax VPN Customer Gateway
networking:ReadCIDRExclusionsticktickticktickAllows the user to view CIDR Exclusions
networking:ReadCIDRRangeticktickticktickAllows the user to view CIDR Ranges
networking:ReadDnsResolversticktickticktickAllows the user to view DNS Resolvers for a Stax Networking Hub
networking:ReadDnsRulesticktickticktickAllows the user to view DNS Rules for Stax DNS Resolvers
networking:ReadDxAssociationsticktickticktickAllows the user to view DX Associations
networking:ReadDxConnectionsticktickticktickAllows the user to view DX Connections within Accounts
networking:ReadDxResourcesticktickticktickAllows the user to view DX Gateways
networking:ReadDxVifStatusticktickticktickAllows the user to view DX Vifs
networking:ReadHubsticktickticktickAllows the user to view Networking Hubs
networking:ReadVPCsticktickticktickAllows the user to view VPCs
networking:ReadVpnConnectiontickticktickcrossAllows the user to view VPN Connections
networking:ReadVpnConnectionStatustickticktickcrossAllows the user to view the connectivity status of VPN Tunnels for VPN Connections
networking:ReadVpnCustomerGatewaystickticktickcrossAllows the user to view VPN Customer Gateways
networking:UpdateCIDRExclusionticktickcrosscrossAllows the user to update a CIDR Exclusion
networking:UpdateCIDRRangeticktickcrosscrossAllows the user to update a CIDR Range
networking:UpdateDnsResolverticktickcrosscrossAllows the user to update a DNS Resolver
networking:UpdateDnsRuleticktickcrosscrossAllows the user to update a DNS Rule
networking:UpdateDxAssociationticktickcrosscrossAllows the user to update a DX Association
networking:UpdateDxVifticktickcrosscrossAllows the user to update a DX Vif
networking:UpdateHubticktickcrosscrossAllows the user to update a Networking Hub
networking:UpdateVPCtickticktickcrossAllows the user to update a VPC
networking:UpdateVpnConnectionticktickcrosscrossAllows the user to update a VPN Connection
networking:UpdateVpnCustomerGatewayticktickcrosscrossAllows the user to update a VPN Customer Gateway
organisations:AttachPolicyticktickcrosscrossAllows the user to attach a Policy to an Organization
organisations:CreatePolicyticktickcrosscrossAllows the user to create a Policy
organisations:DeletePolicyticktickcrosscrossAllows the user to delete a Policy
organisations:DetachPolicyticktickcrosscrossAllows the user to detach a Policy from an Organization
organisations:ReadOrganisationticktickticktickAllows the user to view their Organization details
organisations:ReadPoliciesticktickticktickAllows the user to view Policies
organisations:UpdatePolicyticktickcrosscrossAllows the user to update a Policy
support:AddCommenttickticktickcrossAllows the user to add a comment to a support case
support:CreateCasetickticktickcrossAllows the user to create a support case
teams:CreateAPITokenticktickcrosscrossAllows the user to create an API Token
teams:CreateGroupticktickcrosscrossAllows the user to create a Group
teams:CreateUserticktickcrosscrossAllows the user to invite a new team member
teams:DeleteAPITokenticktickcrosscrossAllows the user to delete an API Token
teams:DeleteGroupticktickcrosscrossAllows the user to delete a Group
teams:DeleteUserticktickcrosscrossAllows the user to delete a team member
teams:ReadAPITokensticktickticktickAllows the user to view API Tokens
teams:ReadGroupsticktickticktickAllows the user to view Groups
teams:ReadUsersticktickticktickAllows the user to view all team members
teams:UpdateAPITokensticktickcrosscrossAllows the user to update an API Token
teams:UpdateGroupticktickcrosscrossAllows the user to update a Group
teams:UpdateGroupMembersticktickcrosscrossAllows the user to add a Group member
teams:UpdateUserticktickcrosscrossAllows the user to update a team member's details or deactivate/activate them
teams:UpdateUserPasswordtickticktickcrossAllows the user to request a password reset
workloads:CreateCatalogueItemticktickcrosscrossAllows the user to create a Workload Catalogue Item
workloads:CreateCatalogueVersionticktickcrosscrossAllows the user to create a Workload Catalogue Version within a Workload Catalogue Item
workloads:CreateWorkloadtickticktickcrossAllows the user to deploy a Workload
workloads:DeleteCatalogueItemticktickcrosscrossAllows the user to delete a Workload Catalogue Item
workloads:DeleteCatalogueVersionticktickcrosscrossAllows the user to delete a Workload Catalogue Version
workloads:DeleteWorkloadtickticktickcrossAllows the user to deactivate a Workload
workloads:ReadCatalogueItemsticktickticktickAllows the user to view the Workload Catalogue
workloads:ReadWorkloadsticktickticktickAllows the user to view active Workloads
workloads:UpdateWorkloadtickticktickcrossAllows the user to update an active Workload