Create roles with cluster access only

Create roles with cluster access only.

Roles with cluster access allow access to the Cluster Management UI and REST API.

Default management roles

Redis Enterprise Software includes five predefined roles that determine a user's level of access to the Cluster Manager UI and REST API.

DB Viewer - Read database settings
DB Member - Administer databases
Cluster Viewer - Read cluster settings
Cluster Member - Administer the cluster
Admin - Full cluster access
None - For data access only - cannot access the Cluster Manager UI or use the REST API

For more details about the privileges granted by each of these roles, see Cluster Manager UI permissions or REST API permissions.

Here's a summary of the Cluster Manager UI actions permitted by each default management role:

Action	DB Viewer	DB Member	Cluster Viewer	Cluster Member	Admin
Create support package	❌ No	✅ Yes	❌ No	✅ Yes	✅ Yes
Edit database configuration	❌ No	✅ Yes	❌ No	✅ Yes	✅ Yes
Reset slow log	❌ No	✅ Yes	❌ No	✅ Yes	✅ Yes
View cluster configuration	❌ No	❌ No	✅ Yes	✅ Yes	✅ Yes
View cluster logs	❌ No	✅ Yes	✅ Yes	✅ Yes	✅ Yes
View cluster metrics	❌ No	❌ No	✅ Yes	✅ Yes	✅ Yes
View database configuration	✅ Yes	✅ Yes	✅ Yes	✅ Yes	✅ Yes
View database metrics	✅ Yes	✅ Yes	✅ Yes	✅ Yes	✅ Yes
View node configuration	❌ No	❌ No	✅ Yes	✅ Yes	✅ Yes
View node metrics	❌ No	❌ No	✅ Yes	✅ Yes	✅ Yes
View Redis database password	❌ No	✅ Yes	❌ No	✅ Yes	✅ Yes
View slow log	❌ No	✅ Yes	❌ No	✅ Yes	✅ Yes
View and edit cluster settings	❌ No	❌ No	❌ No	❌ No	✅ Yes

To create a role that grants cluster access but does not grant access to any databases:

From Access Control > Roles, you can:
- Point to a role and select to edit an existing role.
- Select + Add role to create a new role.
Enter a descriptive name for the role.
Choose a Cluster management role to determine cluster management permissions.
To prevent database access when using this role, do not add any ACLs.
Select Save.

You can assign the new role to users to grant cluster access.