# Roles This section explains the available roles in the NVIDIA Run:ai platform. A role is a set of permissions that can be assigned to a [subject in a scope](https://run-ai-docs.nvidia.com/self-hosted/2.20/platform-management/aiinitiatives/adapting-ai-initiatives#scopes-in-an-organization). A permission is a set of actions (View, Edit, Create and Delete) over a NVIDIA Run:ai entity (e.g. projects, workloads, users). ## Roles Table The Roles table can be found under **Access** in the NVIDIA Run:ai platform. The Roles table displays a list of roles available to users in the NVIDIA Run:ai platform. It is not possible to create additional roles or edit or delete existing roles. ![](https://2342309808-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F1vISNN7yBSgahrgLlsPz%2Fuploads%2Fgit-blob-f333981abe4ded7bf21a474461d583cd4dc0e5d2%2Frolestable.png?alt=media) The Roles table consists of the following columns: | Column | Description | | ------------- | --------------------------------------- | | Role | The name of the role | | Created by | The name of the role creator | | Creation time | The timestamp when the role was created | ### Customizing the Table View * Filter - Click ADD FILTER, select the column to filter by, and enter the filter values * Search - Click SEARCH and type the value to search by * Sort - Click each column header to sort by * Column selection - Click COLUMNS and select the columns to display in the table * Download table - Click MORE and then Click Download as CSV. Export to CSV is limited to 20,000 rows. ## Reviewing a Role 1. To review a role click the role name on the table 2. In the role form review the following: * **Role name**\ The name of the role * **Entity**\ A system-managed object that can be viewed, edited, created or deleted by a user based on their assigned role and scope * **Actions**\ The actions that the role assignee is authorized to perform for each entity * **View** - If checked, an assigned user with this role can view instances of this type of entity within their defined scope * **Edit** - If checked, an assigned user with this role can change the settings of an instance of this type of entity within their defined scope * **Create** - If checked, an assigned user with this role can create new instances of this type of entity within their defined scope * **Delete** - If checked, an assigned user with this role can delete instances of this type of entity within their defined scope ## Roles in NVIDIA Run:ai NVIDIA Run:ai supports the following roles and their permissions. Under each role is a detailed list of the actions that the role assignee is authorized to perform for each entity.
Compute resource administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruetruetruetrue
Credentialsfalsefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
Credentials administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialstruetruetruetrue
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
Data source administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialstruefalsefalsefalse
Data sourcestruetruetruetrue
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
Data volume administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialstruefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruetruetruetrue
Data volumes - sharing listtruetruetruetrue
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
Department administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruetruetruetrue
Projectstruetruetruetrue
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodestruefalsefalsefalse
Access rulestruetruetruetrue
Applicationstruetruetruetrue
Groupstruetruetruetrue
Personal applicationsfalsefalsefalsefalse
Rolestruefalsefalsefalse
Userstruetruetruetrue
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruetruetruetrue
Workloadstruetruetruetrue
Compute resourcestruetruetruetrue
Credentialstruetruetruetrue
Data sourcestruetruetruetrue
Data volumestruetruetruetrue
Data volumes - sharing listtruetruetruetrue
Environmentstruetruetruetrue
Storage class configurationsfalsefalsefalsefalse
Templatestruetruetruetrue
Department viewer
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialsfalsefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
Editor
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruetruetruetrue
Event historyfalsefalsefalsefalse
Policiestruetruetruetrue
Projectstruetruetruetrue
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodestruefalsefalsefalse
Access rulestruetruetruetrue
Applicationstruefalsefalsefalse
Groupstruefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolestruefalsefalsefalse
Userstruefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruefalsefalsefalse
Workloadstruetruetruetrue
Compute resourcestruetruetruetrue
Credentialstruetruetruetrue
Data sourcestruetruetruetrue
Data volumestruetruetruetrue
Data volumes - sharing listtruetruetruetrue
Environmentstruetruetruetrue
Storage class configurationsfalsefalsefalsefalse
Templatestruetruetruetrue
Environment administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialsfalsefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruetruetruetrue
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
L1 researcher
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentsfalsefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruefalsefalsefalse
Workloadstruetruetruetrue
Compute resourcestruetruetruetrue
Credentialstruetruetruetrue
Data sourcestruetruetruetrue
Data volumestruetruetruetrue
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruetruetruetrue
Storage class configurationsfalsefalsefalsefalse
Templatestruetruetruetrue
L2 researcher
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentsfalsefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardfalsefalsefalsefalse
Consumption dashboardfalsefalsefalsefalse
Overview dashboardfalsefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruetruetruetrue
Compute resourcestruefalsefalsefalse
Credentialstruefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
ML engineer
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodestruefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruetruetruetrue
Workloadstruetruetruetrue
Compute resourcesfalsefalsefalsefalse
Credentialstruefalsefalsefalse
Data sourcesfalsefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentsfalsefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatesfalsefalsefalsefalse
Research manager
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruetruetruetrue
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulestruetruetruetrue
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolestruefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruetruetruetrue
Credentialstruefalsefalsefalse
Data sourcestruetruetruetrue
Data volumestruetruetruetrue
Data volumes - sharing listtruetruetruetrue
Environmentstruetruetruetrue
Storage class configurationsfalsefalsefalsefalse
Templatestruetruetruetrue
System administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruetruetruetrue
Event historytruefalsefalsefalse
Policiestruetruetruetrue
Projectstruetruetruetrue
Settingstruetruetruetrue
Clusterstruetruetruetrue
Node poolstruetruetruetrue
Nodestruefalsefalsefalse
Access rulestruetruetruetrue
Applicationstruetruetruetrue
Groupstruetruetruetrue
Personal applicationstruetruetruetrue
Rolestruefalsefalsefalse
Userstruetruetruetrue
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruetruetruetrue
Workloadstruetruetruetrue
Compute resourcestruetruetruetrue
Credentialstruetruetruetrue
Data sourcestruetruetruetrue
Data volumestruetruetruetrue
Data volumes - sharing listtruetruetruetrue
Environmentstruetruetruetrue
Storage class configurationstruetruetruetrue
Templatestruetruetruetrue
Template administrator
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolsfalsefalsefalsefalse
Nodesfalsefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencesfalsefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialsfalsefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruetruetruetrue
Viewer
EntityViewEditCreateDelete
Accounttruefalsefalsefalse
Departmentstruefalsefalsefalse
Event historyfalsefalsefalsefalse
Policiestruefalsefalsefalse
Projectstruefalsefalsefalse
Settingsfalsefalsefalsefalse
Clusterstruefalsefalsefalse
Node poolstruefalsefalsefalse
Nodestruefalsefalsefalse
Access rulesfalsefalsefalsefalse
Applicationsfalsefalsefalsefalse
Groupsfalsefalsefalsefalse
Personal applicationsfalsefalsefalsefalse
Rolesfalsefalsefalsefalse
Usersfalsefalsefalsefalse
Analytics dashboardtruefalsefalsefalse
Consumption dashboardtruefalsefalsefalse
Overview dashboardtruefalsefalsefalse
Inferencestruefalsefalsefalse
Workloadstruefalsefalsefalse
Compute resourcestruefalsefalsefalse
Credentialstruefalsefalsefalse
Data sourcestruefalsefalsefalse
Data volumestruefalsefalsefalse
Data volumes - sharing listfalsefalsefalsefalse
Environmentstruefalsefalsefalse
Storage class configurationsfalsefalsefalsefalse
Templatestruefalsefalsefalse
Permitted workloads When assigning a role with either one, all or any combination of the View, Edit, Create and Delete permissions for workloads, the subject has permissions to manage not only [NVIDIA Run:ai workloads](https://github.com/run-ai/runai-product-docs/blob/v2.20/infrastructure-setup/authentication/broken-reference/README.md) (Workspace, Training, Inference), but also a list of 3rd party workloads: * k8s: StatefulSet * k8s: ReplicaSet * k8s: Pod * k8s: Deployment * batch: Job * batch: CronJob * [machinelearning.seldon.io](http://machinelearning.seldon.io): SeldonDeployment * [kubevirt.io](http://kubevirt.io): VirtualMachineInstance * [kubeflow.org](http://kubeflow.org): TFJob * [kubeflow.org](http://kubeflow.org): PyTorchJob * [kubeflow.org](http://kubeflow.org): XGBoostJob * [kubeflow.org](http://kubeflow.org): MPIJob * [kubeflow.org](http://kubeflow.org): MPIJob * [kubeflow.org](http://kubeflow.org): Notebook * [kubeflow.org](http://kubeflow.org): ScheduledWorkflow * [amlarc.azureml.com](http://amlarc.azureml.com): AmlJob * [serving.knative.dev](http://serving.knative.dev): Service * [workspace.devfile.io](http://workspace.devfile.io): DevWorkspace * [ray.io](http://ray.io): RayCluster * [ray.io](http://ray.io): RayJob * [ray.io](http://ray.io): RayService * [tekton.dev](http://tekton.dev): TaskRun * [tekton.dev](http://tekton.dev): PipelineRun * [argoproj.io](http://argoproj.io): Workflow
## Using API Go to the [Roles](https://app.gitbook.com/o/8U8fWH7v8Vg8pc99umXT/s/b5QLzc5pV7wpXz3CDYyp/authentication-and-authorization/roles) API reference to view the available actions.