Secrets management roles
Secrets management adds these roles.
Secrets administrator [sn_secrets.admin]
Assign non-admin secrets roles to other users. Secrets administrators have the same privileges as secrets manager and viewer.
Contains Roles
List of roles contained within the role.
None.
Groups
List of groups this role is assigned to by default.
None.
Special considerations
重要:
Avoid granting an admin role when more specialized roles are available.
- A user must have both the admin and security_admin roles to be assigned the sn_secret.admin role.
- Avoid granting an admin role when more targeted roles are available.
Secrets manager [sn_secrets.secret_manager]
Grant this role to users who must be able to perform any of the following functions.
- View secret and secret group records
- View access history, and other usage activity info
- Create secret groups and filters
- Create secret providers
- Move secrets across secret groups
- Change secret group and secret provider settings
Contains Roles
List of roles contained within the role.
None.
Groups
List of groups this role is assigned to by default.
None.
Special considerations
重要:
Secrets managers can’t see secrets in plain text.
Secrets viewer [sn_secrets.viewer]
Grant this role to users who must be able to view secret and secret group records.
Contains Roles
List of roles contained within the role.
None.
Groups
List of groups this role is assigned to by default.
None.
Special considerations
None.