The Permission Level of a User determines their ability to add resources to the organization, edit those resources, or to manage other Users. You can delegate various levels of administrative permissions to Users within your account, including Account Administrator, Database Administrator, Team Lead, and/or User. You do not need to have all administrative types set up.
An Account Administrator has full administrative access to the entire organization. Only Account Administrators can create Roles and grant access to Datasources and Servers.
A Database Administrator can configure and manage resources (i.e., Datasources, Servers, Clusters, Clouds, and Websites).
A Team Lead can manage users within a particular Role. This permission level is designed for managers who are in charge of a team but don't necessarily control the infrastructure they use. Team Leads can invite new Users exclusively to the Role they manage, and those Users will inherit the same access as the Team Lead.
User is the default for any person invited to the account. Users can query and access the Datasources and Servers to which they have been granted access.
Permission Level Summary
|Action||Account Administrator||Database Administrator||Team Lead||User|
|Access Datasources, Servers, Clusters, Clouds, and Websites||✔||✔||✔||✔|
|Audit activities, queries, and SSH captures||✔|
|Audit account configuration||✔|
|Grant administrative access||✔|
|Grant access to Datasources, Servers, Clusters, Clouds, and Websites||✔|
|Invite and suspend users||✔||✔|
|Manage user details||✔|
|Manage Service Accounts, Admin Tokens, & API Keys||✔|
|Create roles & manage their access||✔|
|Move users into and out of roles||✔||✔|
|Manage Datasources, Servers, Clusters, Clouds, and Websites||✔||✔|
|Manage Relays and Gateways||✔|
|Update account settings||✔|