2022-02-09 14:01:19 +00:00
Log :
Level : debug
Formatter :
2022-02-11 10:02:47 +00:00
Format : text
2022-02-14 16:22:30 +00:00
Port : 8080
ExternalPort : 8080
2022-04-28 08:30:41 +00:00
ExternalDomain : #must be provided
2022-02-14 16:22:30 +00:00
ExternalSecure : true
2022-03-29 09:53:19 +00:00
HTTP2HostHeader : ":authority"
HTTP1HostHeader : "host"
2022-02-14 16:22:30 +00:00
2022-04-25 08:01:17 +00:00
WebAuthNName : ZITADEL
2022-02-14 16:22:30 +00:00
Database :
Host : localhost
Port : 26257
Database : zitadel
MaxOpenConns : 20
MaxConnLifetime : 30m
MaxConnIdleTime : 30m
Options : ""
2022-02-16 12:30:49 +00:00
User :
Username : zitadel
Password : ""
SSL :
2022-03-14 06:55:09 +00:00
Mode : disable
2022-02-16 12:30:49 +00:00
RootCert : ""
Cert : ""
Key : ""
AdminUser :
Username : root
2022-03-14 06:55:09 +00:00
Password : ""
SSL :
Mode : disable
RootCert : ""
Cert : ""
Key : ""
2022-02-14 16:22:30 +00:00
Projections :
2022-03-28 08:05:09 +00:00
RequeueEvery : 10s
RetryFailedAfter : 1s
MaxFailureCount : 5
BulkLimit : 200
MaxIterators : 1
Customizations :
projects :
BulkLimit : 2000
2022-02-14 16:22:30 +00:00
AuthZ :
Repository :
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
Auth :
SearchLimit : 1000
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
Admin :
SearchLimit : 1000
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
UserAgentCookie :
Name : zitadel.useragent
MaxAge : 8760h #365*24h (1 year)
OIDC :
CodeMethodS256 : true
AuthMethodPost : true
AuthMethodPrivateKeyJWT : true
GrantTypeRefreshToken : true
RequestObjectSupported : true
SigningKeyAlgorithm : RS256
DefaultAccessTokenLifetime : 12h
DefaultIdTokenLifetime : 12h
DefaultRefreshTokenIdleExpiration : 720h #30d
DefaultRefreshTokenExpiration : 2160h #90d
Cache :
MaxAge : 12h
SharedMaxAge : 168h #7d
CustomEndpoints :
Login :
LanguageCookieName : zitadel.login.lang
2022-03-14 06:55:09 +00:00
CSRFCookieName : zitadel.login.csrf
2022-02-14 16:22:30 +00:00
Cache :
MaxAge : 12h
SharedMaxAge : 168h #7d
Console :
ShortCache :
2022-05-13 12:06:44 +00:00
MaxAge : 0m
SharedMaxAge : 5m
2022-02-14 16:22:30 +00:00
LongCache :
MaxAge : 12h
SharedMaxAge : 168h
Notification :
Repository :
Spooler :
ConcurrentWorkers : 1
BulkLimit : 10000
FailureCountUntilSkip : 5
Handlers :
2022-03-14 06:55:09 +00:00
EncryptionKeys :
DomainVerification :
EncryptionKeyID : "domainVerificationKey"
DecryptionKeyIDs :
IDPConfig :
EncryptionKeyID : "idpConfigKey"
DecryptionKeyIDs :
OIDC :
EncryptionKeyID : "oidcKey"
DecryptionKeyIDs :
OTP :
EncryptionKeyID : "otpKey"
DecryptionKeyIDs :
SMS :
EncryptionKeyID : "smsKey"
DecryptionKeyIDs :
SMTP :
EncryptionKeyID : "smtpKey"
DecryptionKeyIDs :
User :
EncryptionKeyID : "userKey"
DecryptionKeyIDs :
CSRFCookieKeyID : "csrfCookieKey"
UserAgentCookieKeyID : "userAgentCookieKey"
2022-02-14 16:22:30 +00:00
#TODO: remove as soon as possible
SystemDefaults :
SecretGenerators :
PasswordSaltCost : 14
MachineKeySize : 2048
ApplicationKeySize : 2048
Multifactors :
OTP :
2022-04-29 08:25:12 +00:00
Issuer : "ZITADEL"
2022-02-14 16:22:30 +00:00
DomainVerification :
VerificationGenerator :
Length : 32
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
Notifications :
2022-04-29 08:25:12 +00:00
FileSystemPath : ".notifications/"
2022-02-14 16:22:30 +00:00
KeyConfig :
Size : 2048
PrivateKeyLifetime : 6h
PublicKeyLifetime : 30h
2022-03-29 09:53:19 +00:00
2022-04-21 10:37:39 +00:00
DefaultInstance :
InstanceName :
2022-05-03 13:58:38 +00:00
DefaultLanguage : en
2022-04-21 10:37:39 +00:00
Org :
Name :
Human :
UserName : zitadel-admin
FirstName : ZITADEL
LastName : Admin
NickName :
DisplayName :
Email :
Address :
Verified : false
2022-04-28 08:30:41 +00:00
PreferredLanguage : en
2022-04-21 10:37:39 +00:00
Gender :
Phone :
Number :
Verified :
Password :
SecretGenerators :
PasswordSaltCost : 14
ClientSecret :
Length : 64
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
InitializeUserCode :
Length : 6
2022-04-29 08:25:12 +00:00
Expiry : "72h"
2022-04-21 10:37:39 +00:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
EmailVerificationCode :
Length : 6
2022-04-29 08:25:12 +00:00
Expiry : "1h"
2022-04-21 10:37:39 +00:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PhoneVerificationCode :
Length : 6
2022-04-29 08:25:12 +00:00
Expiry : "1h"
2022-04-21 10:37:39 +00:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PasswordVerificationCode :
Length : 6
2022-04-29 08:25:12 +00:00
Expiry : "1h"
2022-04-21 10:37:39 +00:00
IncludeLowerLetters : false
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PasswordlessInitCode :
Length : 12
2022-04-29 08:25:12 +00:00
Expiry : "1h"
2022-04-21 10:37:39 +00:00
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
DomainVerification :
Length : 32
IncludeLowerLetters : true
IncludeUpperLetters : true
IncludeDigits : true
IncludeSymbols : false
PasswordComplexityPolicy :
MinLength : 8
HasLowercase : true
HasUppercase : true
HasNumber : true
HasSymbol : true
PasswordAgePolicy :
ExpireWarnDays : 0
MaxAgeDays : 0
DomainPolicy :
UserLoginMustBeDomain : true
ValidateOrgDomains : true
LoginPolicy :
AllowUsernamePassword : true
AllowRegister : true
AllowExternalIDP : true
ForceMFA : false
HidePasswordReset : false
2022-05-16 13:39:09 +00:00
IgnoreUnknownUsernames : false
2022-04-21 10:37:39 +00:00
PasswordlessType: 1 #1: allowed 0 : not allowed
2022-05-16 13:39:09 +00:00
DefaultRedirectURI : #empty because we use the Console UI
2022-04-21 10:37:39 +00:00
PasswordCheckLifetime : 240h #10d
ExternalLoginCheckLifetime : 240h #10d
MfaInitSkipLifetime : 720h #30d
SecondFactorCheckLifetime : 18h
MultiFactorCheckLifetime : 12h
PrivacyPolicy :
TOSLink : https://docs.zitadel.ch/docs/legal/terms-of-service
PrivacyLink : https://docs.zitadel.ch/docs/legal/privacy-policy
2022-04-29 08:25:12 +00:00
HelpLink : ""
2022-04-21 10:37:39 +00:00
LabelPolicy :
2022-04-29 08:25:12 +00:00
PrimaryColor : "#5469d4"
BackgroundColor : "#fafafa"
WarnColor : "#cd3d56"
FontColor : "#000000"
PrimaryColorDark : "#bbbafa"
BackgroundColorDark : "#111827"
WarnColorDark : "#ff3b5b"
FontColorDark : "#ffffff"
2022-04-21 10:37:39 +00:00
HideLoginNameSuffix : false
ErrorMsgPopup : false
DisableWatermark : false
LockoutPolicy :
MaxAttempts : 0
ShouldShowLockoutFailure : true
2022-05-16 07:52:10 +00:00
EmailTemplate : CjwhZG9jdHlwZSBodG1sPgo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCIgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSI+CjxoZWFkPgogIDx0aXRsZT4KCiAgPC90aXRsZT4KICA8IS0tW2lmICFtc29dPjwhLS0+CiAgPG1ldGEgaHR0cC1lcXVpdj0iWC1VQS1Db21wYXRpYmxlIiBjb250ZW50PSJJRT1lZGdlIj4KICA8IS0tPCFbZW5kaWZdLS0+CiAgPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9VVRGLTgiPgogIDxtZXRhIG5hbWU9InZpZXdwb3J0IiBjb250ZW50PSJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSI+CiAgPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KICAgICNvdXRsb29rIGEgeyBwYWRkaW5nOjA7IH0KICAgIGJvZHkgeyBtYXJnaW46MDtwYWRkaW5nOjA7LXdlYmtpdC10ZXh0LXNpemUtYWRqdXN0OjEwMCU7LW1zLXRleHQtc2l6ZS1hZGp1c3Q6MTAwJTsgfQogICAgdGFibGUsIHRkIHsgYm9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21zby10YWJsZS1sc3BhY2U6MHB0O21zby10YWJsZS1yc3BhY2U6MHB0OyB9CiAgICBpbWcgeyBib3JkZXI6MDtoZWlnaHQ6YXV0bztsaW5lLWhlaWdodDoxMDAlOyBvdXRsaW5lOm5vbmU7dGV4dC1kZWNvcmF0aW9uOm5vbmU7LW1zLWludGVycG9sYXRpb24tbW9kZTpiaWN1YmljOyB9CiAgICBwIHsgZGlzcGxheTpibG9jazttYXJnaW46MTNweCAwOyB9CiAgPC9zdHlsZT4KICA8IS0tW2lmIG1zb10+CiAgPHhtbD4KICAgIDxvOk9mZmljZURvY3VtZW50U2V0dGluZ3M+CiAgICAgIDxvOkFsbG93UE5HLz4KICAgICAgPG86UGl4ZWxzUGVySW5jaD45NjwvbzpQaXhlbHNQZXJJbmNoPgogICAgPC9vOk9mZmljZURvY3VtZW50U2V0dGluZ3M+CiAgPC94bWw+CiAgPCFbZW5kaWZdLS0+CiAgPCEtLVtpZiBsdGUgbXNvIDExXT4KICA8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgogICAgLm1qLW91dGxvb2stZ3JvdXAtZml4IHsgd2lkdGg6MTAwJSAhaW1wb3J0YW50OyB9CiAgPC9zdHlsZT4KICA8IVtlbmRpZl0tLT4KCgogIDxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CiAgICBAbWVkaWEgb25seSBzY3JlZW4gYW5kIChtaW4td2lkdGg6NDgwcHgpIHsKICAgICAgLm1qLWNvbHVtbi1wZXItMTAwIHsgd2lkdGg6MTAwJSAhaW1wb3J0YW50OyBtYXgtd2lkdGg6IDEwMCU7IH0KICAgICAgLm1qLWNvbHVtbi1wZXItNjAgeyB3aWR0aDo2MCUgIWltcG9ydGFudDsgbWF4LXdpZHRoOiA2MCU7IH0KICAgIH0KICA8L3N0eWxlPgoKCiAgPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KCgoKICAgIEBtZWRpYSBvbmx5IHNjcmVlbiBhbmQgKG1heC13aWR0aDo0ODBweCkgewogICAgICB0YWJsZS5tai1mdWxsLXdpZHRoLW1vYmlsZSB7IHdpZHRoOiAxMDAlICFpbXBvcnRhbnQ7IH0KICAgICAgdGQubWotZnVsbC13aWR0aC1tb2JpbGUgeyB3aWR0aDogYXV0byAhaW1wb3J0YW50OyB9CiAgICB9CgogIDwvc3R5bGU+CiAgPHN0eWxlIHR5cGU9InRleHQvY3NzIj4uc2hhZG93IGEgewogICAgYm94LXNoYWRvdzogMHB4IDNweCAxcHggLTJweCByZ2JhKDAsIDAsIDAsIDAuMiksIDBweCAycHggMnB4IDBweCByZ2JhKDAsIDAsIDAsIDAuMTQpLCAwcHggMXB4IDVweCAwcHggcmdiYSgwLCAwLCAwLCAwLjEyKTsKICB9PC9zdHlsZT4KCiAge3tpZiAuRm9udFVSTH19CiAgPHN0eWxlPgogICAgQGZvbnQtZmFjZSB7CiAgICAgIGZvbnQtZmFtaWx5OiAne3suRm9udEZhY2VGYW1pbHl9fSc7CiAgICAgIGZvbnQtc3R5bGU6IG5vcm1hbDsKICAgICAgZm9udC1kaXNwbGF5OiBzd2FwOwogICAgICBzcmM6IHVybCh7ey5Gb250VVJMfX0pOwogICAgfQogIDwvc3R5bGU+CiAge3tlbmR9fQoKPC9oZWFkPgo8Ym9keSBzdHlsZT0id29yZC1zcGFjaW5nOm5vcm1hbDsiPgoKCjxkaXYKICAgICAgICBzdHlsZT0iIgo+CgogIDx0YWJsZQogICAgICAgICAgYWxpZ249ImNlbnRlciIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiIHJvbGU9InByZXNlbnRhdGlvbiIgc3R5bGU9ImJhY2tncm91bmQ6e3suQmFja2dyb3VuZENvbG9yfX07YmFja2dyb3VuZC1jb2xvcjp7ey5CYWNrZ3JvdW5kQ29sb3J9fTt3aWR0aDoxMDAlO2JvcmRlci1yYWRpdXM6MTZweDsiCiAgPgogICAgPHRib2R5PgogICAgPHRyPgogICAgICA8dGQ+CgoKICAgICAgICA8IS0tW2lmIG1zbyB8IElFXT48dGFibGUgYWxpZ249ImNlbnRlciIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiIGNsYXNzPSIiIHN0eWxlPSJ3aWR0aDo4MDBweDsiIHdpZHRoPSI4MDAiID48dHI+PHRkIHN0eWxlPSJsaW5lLWhlaWdodDowcHg7Zm9udC1zaXplOjBweDttc28tbGluZS1oZWlnaHQtcnVsZTpleGFjdGx5OyI+PCFbZW5kaWZdLS0+CgoKICAgICAgICA8ZGl2ICBzdHlsZT0ibWFyZ2luOjBweCBhdXRvO2JvcmRlci1yYWRpdXM6MTZweDttYXgtd2lkdGg6ODAwcHg7Ij4KCiAgICAgICAgICA8dGFibGUKICAgICAgICAgICAgICAgICAgYWxpZ249ImNlbnRlciIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiIHJvbGU9InByZXNlbnRhdGlvbiIgc3R5bGU9IndpZHRoOjEwMCU7Ym9yZGVyLXJhZGl1czoxNnB4OyIKICAgICAgICAgID4KICAgICAgICAgICAgPHRib2R5PgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkCiAgICAgICAgICAgICAgICAgICAgICBzdHlsZT0iZGlyZWN0aW9uOmx0cjtmb250LXNpemU6MHB4O3BhZGRpbmc6MjBweCAwO3BhZGRpbmctbGVmdDowO3RleHQtYWxpZ246Y2VudGVyOyIKICAgICAgICAgICAgICA+CiAgICAgICAgICAgICAgICA8IS0tW2lmIG1zbyB8IElFXT48dGFibGUgcm9sZT0icHJlc2VudGF0aW9uIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+PHRyPjx0ZCBjbGFzcz0iIiB3aWR0aD0iODAwcHgiID48IVtlbmRpZl0tLT4KCiAgICAgICAgICAgICAgIC
2022-04-21 10:37:39 +00:00
MessageTexts :
- MessageTextType : InitCode
Language : de
Title : Zitadel - User initialisieren
PreHeader : User initialisieren
Subject : User initialisieren
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Dieser Benutzer wurde soeben im Zitadel erstellt. Mit dem Benutzernamen <br><strong>{{.PreferredLoginName}}</strong><br> kannst du dich anmelden. Nutze den untenstehenden Button, um die Initialisierung abzuschliessen <br>(Code <strong>{{.Code}}</strong>).<br> Falls du dieses Mail nicht angefordert hast, kannst du es einfach ignorieren.
ButtonText : Initialisierung abschliessen
- MessageTextType : PasswordReset
Language : de
Title : Zitadel - Passwort zurücksetzen
PreHeader : Passwort zurücksetzen
Subject : Passwort zurücksetzen
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Wir haben eine Anfrage für das Zurücksetzen deines Passwortes bekommen. Du kannst den untenstehenden Button verwenden, um dein Passwort zurückzusetzen <br>(Code <strong>{{.Code}}</strong>).<br> Falls du dieses Mail nicht angefordert hast, kannst du es ignorieren.
ButtonText : Passwort zurücksetzen
- MessageTextType : VerifyEmail
Language : de
Title : Zitadel - Email verifizieren
PreHeader : Email verifizieren
Subject : Email verifizieren
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Eine neue E-Mail Adresse wurde hinzugefügt. Bitte verwende den untenstehenden Button um diese zu verifizieren <br>(Code <strong>{{.Code}}</strong>).<br> Falls du deine E-Mail Adresse nicht selber hinzugefügt hast, kannst du dieses E-Mail ignorieren.
ButtonText : Email verifizieren
- MessageTextType : VerifyPhone
Language : de
Title : Zitadel - Telefonnummer verifizieren
PreHeader : Telefonnummer verifizieren
Subject : Telefonnummer verifizieren
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Eine Telefonnummer wurde hinzugefügt. Bitte verifiziere diese in dem du folgenden Code eingibst (Code {{.Code}})
ButtonText : Telefon verifizieren
- MessageTextType : DomainClaimed
Language : de
Title : Zitadel - Domain wurde beansprucht
PreHeader : Email / Username ändern
Subject : Domain wurde beansprucht
Greeting : Hallo {{.FirstName}} {{.LastName}},
Text : Die Domain {{.Domain}} wurde von einer Organisation beansprucht. Dein derzeitiger User {{.Username}} ist nicht Teil dieser Organisation. Daher musst du beim nächsten Login eine neue Email hinterlegen. Für diesen Login haben wir dir einen temporären Usernamen ({{.TempUsername}}) erstellt.
ButtonText : Login
- MessageTextType : InitCode
Language : en
Title : Zitadel - Initialize User
PreHeader : Initialize User
Subject : Initialize User
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : This user was created in Zitadel. Use the username {{.PreferredLoginName}} to login. Please click the button below to finish the initialization process. (Code {{.Code}}) If you didn't ask for this mail, please ignore it.
ButtonText : Finish initialization
- MessageTextType : PasswordReset
Language : en
Title : Zitadel - Reset password
PreHeader : Reset password
Subject : Reset password
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : We received a password reset request. Please use the button below to reset your password. (Code {{.Code}}) If you didn't ask for this mail, please ignore it.
ButtonText : Reset password
- MessageTextType : VerifyEmail
Language : en
Title : Zitadel - Verify email
PreHeader : Verify email
Subject : Verify email
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : A new email has been added. Please use the button below to verify your mail. (Code {{.Code}}) If you din't add a new email, please ignore this email.
ButtonText : Verify email
- MessageTextType : VerifyPhone
Language : en
Title : Zitadel - Verify phone
PreHeader : Verify phone
Subject : Verify phone
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : A new phonenumber has been added. Please use the following code to verify it {{.Code}}.
ButtonText : Verify phone
- MessageTextType : DomainClaimed
Language : en
Title : Zitadel - Domain has been claimed
PreHeader : Change email / username
Subject : Domain has been claimed
Greeting : Hello {{.FirstName}} {{.LastName}},
Text : The domain {{.Domain}} has been claimed by an organisation. Your current user {{.UserName}} is not part of this organisation. Therefore you'll have to change your email when you login. We have created a temporary username ({{.TempUsername}}) for this login.
ButtonText : Login
2022-03-29 09:53:19 +00:00
InternalAuthZ :
RolePermissionMappings :
2022-04-29 08:25:12 +00:00
- Role : "IAM_OWNER"
2022-03-29 09:53:19 +00:00
Permissions :
- "iam.read"
- "iam.write"
- "iam.policy.read"
- "iam.policy.write"
- "iam.policy.delete"
- "iam.member.read"
- "iam.member.write"
- "iam.member.delete"
- "iam.idp.read"
- "iam.idp.write"
- "iam.idp.delete"
- "iam.action.read"
- "iam.action.write"
- "iam.action.delete"
- "iam.flow.read"
- "iam.flow.write"
- "iam.flow.delete"
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
2022-04-29 08:25:12 +00:00
- Role : "IAM_OWNER_VIEWER"
2022-03-29 09:53:19 +00:00
Permissions :
- "iam.read"
- "iam.policy.read"
- "iam.member.read"
- "iam.idp.read"
- "iam.action.read"
- "iam.flow.read"
- "org.read"
- "org.member.read"
- "org.idp.read"
- "org.action.read"
- "org.flow.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
2022-04-29 08:25:12 +00:00
- Role : "IAM_ORG_MANAGER"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
2022-04-29 08:25:12 +00:00
- Role : "IAM_USER_MANAGER"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.read"
- "org.global.read"
- "org.member.read"
- "org.member.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
2022-04-29 08:25:12 +00:00
- Role : "ORG_OWNER"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
2022-04-29 08:25:12 +00:00
- Role : "ORG_USER_MANAGER"
2022-03-29 09:53:19 +00:00
Permissions :
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "project.read"
- "project.role.read"
2022-04-29 08:25:12 +00:00
- Role : "ORG_OWNER_VIEWER"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.read"
- "org.member.read"
- "org.idp.read"
- "org.action.read"
- "org.flow.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.user.grant.read"
2022-04-29 08:25:12 +00:00
- Role : "ORG_USER_PERMISSION_EDITOR"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.read"
- "org.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
2022-04-29 08:25:12 +00:00
- Role : "ORG_PROJECT_PERMISSION_EDITOR"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.read"
- "org.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
2022-04-29 08:25:12 +00:00
- Role : "ORG_PROJECT_CREATOR"
2022-03-29 09:53:19 +00:00
Permissions :
- "user.global.read"
- "policy.read"
- "project.read:self"
- "project.create"
2022-04-29 08:25:12 +00:00
- Role : "PROJECT_OWNER"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.global.read"
- "policy.read"
- "project.read"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
2022-04-29 08:25:12 +00:00
- Role : "PROJECT_OWNER_VIEWER"
2022-03-29 09:53:19 +00:00
Permissions :
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
2022-04-29 08:25:12 +00:00
- Role : "SELF_MANAGEMENT_GLOBAL"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.create"
- "policy.read"
- "user.self.delete"
2022-04-29 08:25:12 +00:00
- Role : "PROJECT_OWNER_GLOBAL"
2022-03-29 09:53:19 +00:00
Permissions :
- "org.global.read"
- "policy.read"
- "project.read"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
2022-04-29 08:25:12 +00:00
- Role : "PROJECT_OWNER_VIEWER_GLOBAL"
2022-03-29 09:53:19 +00:00
Permissions :
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
2022-04-29 08:25:12 +00:00
- Role : "PROJECT_GRANT_OWNER"
2022-03-29 09:53:19 +00:00
Permissions :
- "policy.read"
- "org.global.read"
- "project.read"
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
2022-04-29 08:25:12 +00:00
- Role : "PROJECT_GRANT_OWNER_VIEWER"
2022-03-29 09:53:19 +00:00
Permissions :
- "policy.read"
- "project.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
