Create roles with cluster access only

Create roles with cluster access only.

Roles with cluster access allow access to the Cluster Management UI and REST API.

Default management roles

Redis Enterprise Software includes five predefined roles that determine a user's level of access to the Cluster Manager UI and REST API.

  1. DB Viewer - Read database settings
  2. DB Member - Administer databases
  3. Cluster Viewer - Read cluster settings
  4. Cluster Member - Administer the cluster
  5. User Manager - Administer users
  6. Admin - Full cluster access
  7. None - For data access only - cannot access the Cluster Manager UI or use the REST API

For more details about the privileges granted by each of these roles, see Cluster Manager UI permissions or REST API permissions.

Cluster Manager UI permissions

Here's a summary of the Cluster Manager UI actions permitted by each default management role:

Action DB Viewer DB Member Cluster Viewer Cluster Member Admin User Manager
Create, edit, delete users and LDAP mappings ❌ No ❌ No ❌ No ❌ No ✅ Yes ✅ Yes
Create support package ❌ No ✅ Yes ❌ No ✅ Yes ✅ Yes ❌ No
Edit database configuration ❌ No ✅ Yes ❌ No ✅ Yes ✅ Yes ❌ No
Reset slow log ❌ No ✅ Yes ❌ No ✅ Yes ✅ Yes ❌ No
View cluster configuration ❌ No ❌ No ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View cluster logs ❌ No ✅ Yes ✅ Yes ✅ Yes ✅ Yes
 ✅ Yes
View cluster metrics ❌ No ❌ No ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View database configuration ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View database metrics ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View node configuration ❌ No ❌ No ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View node metrics ❌ No ❌ No ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View Redis database password ❌ No ✅ Yes ❌ No ✅ Yes ✅ Yes ✅ Yes
View slow log ❌ No ✅ Yes ❌ No ✅ Yes ✅ Yes ❌ No
View and edit cluster settings ❌ No ❌ No ❌ No ❌ No ✅ Yes ❌ No

Create roles for cluster access

To create a role that grants cluster access but does not grant access to any databases:

  1. From Access Control > Roles, you can:

    • Point to a role and select The Edit button to edit an existing role.

    • Select + Add role to create a new role.

    Add role with name

  2. Enter a descriptive name for the role.

  3. Choose a Cluster management role to determine cluster management permissions.

    Select a cluster management role to set the level of cluster management permissions for the new role.

  4. To prevent database access when using this role, do not add any ACLs.

  5. Select Save.

You can assign the new role to users to grant cluster access.

RATE THIS PAGE
Back to top ↑