Automox currently supports five role-based access controls (RBAC). The user roles and permissions are described here:
A global administrator can access all zones and has full administrative permissions. A global administrator can do the following:
- View and access the Global View landing page
- Add zones to accounts
- Invite users to accounts
- Add users to zones
- Assign zone administrators
- Assign any role to any user
- Control all aspects of the Automox console
Note: It is recommended to keep the number of Global Administrators to a minimum.
A zone administrator has full access and administrative permissions for the assigned zone(s) only. A zone administrator has the following permissions within their zone(s):
- Can add existing users of the account to a zone
- Assign the following roles: zone operator, billing administrator, or read only
- Control all aspects of the Automox console within the zone(s)
Note: Only Global Administrators can invite users to an account.
A zone operator (formerly patch administrator) can create, read, modify, and delete all policies and server groups for a zone(s). They can add, remove, and reboot devices.
A billing administrator can modify billing settings for a zone(s).
This user only has read access rights for the assigned zone(s).