Users and Roles
Ternary provides five user roles that determine what actions a user can perform in the platform. Roles are designed to provide the right level of access for different responsibilities, from basic viewing to full tenant or multi-tenant administration.
Available roles
Role | Description |
---|---|
Partner Admin | Special role for Managed Service Providers (MSPs) to access multiple customer tenants, including viewing, configuring, and managing them. |
Tenant Admin (formerly Owner) | Full control over the tenant, including user management, integrations, and advanced settings. |
Full Access User | Advanced permissions to create, edit, and manage most resources without tenant-level administration. |
Basic User (formerly Regular User) | Standard role for creating and managing dashboards, budgets, reports, and viewing most data. |
Limited User | Entry-level role focused on viewing data and creating basic items like reports and dashboards. |
Role comparison
Create actions
Permissions | Limited User | Basic User | Full Access User | Tenant Admin | Partner Admin |
---|---|---|---|---|---|
Budgets | Y | Y | Y | Y | Y |
Case & Case Comments | Y | Y | Y | Y | Y |
Dashboard | Y | Y | Y | Y | Y |
Report | Y | Y | Y | Y | Y |
Resource Subscription | Y | Y | Y | Y | Y |
Savings Opportunity | Y | Y | Y | Y | Y |
Alert Rule | N | Y | Y | Y | Y |
Cost Compare Bill | N | Y | Y | Y | Y |
Ramp Plan | N | Y | Y | Y | Y |
Custom Labels & Metrics | N | N | Y | Y | Y |
Label Grouping Rules & Preferences | N | N | Y | Y | Y |
Data Integration | N | N | N | Y | Y |
User & User Group Configurations | N | N | N | Y | Y |
Kubernetes Pod Labels | N | N | N | Y | Y |
View (Read) actions
Permissions | Limited User | Basic User | Full Access User | Tenant Admin | Partner Admin |
---|---|---|---|---|---|
Budgets | Y | Y | Y | Y | Y |
Cases | N | Y | Y | Y | Y |
Dashboards | Y | Y | Y | Y | Y |
Reports & Report Data | Y | Y | Y | Y | Y |
Resource Subscriptions | Y | Y | Y | Y | Y |
Recommendations | Y | Y | Y | Y | Y |
Savings Opportunities | Y | Y | Y | Y | Y |
Cost Alerts (Anomalies) | Y | Y | Y | Y | Y |
Ramp Plans | N | Y | Y | Y | Y |
Label Map & Preferences | Y | Y | Y | Y | Y |
Reallocations & Jobs | N | Y | Y | Y | Y |
Data Integrations | Y | Y | Y | Y | Y |
Kubernetes Pod Labels | N | N | Y | Y | Y |
Roles & User Roles | N | N | N | Y | Y |
Update (Edit) actions
Permissions | Limited User | Basic User | Full Access User | Tenant Admin | Partner Admin |
---|---|---|---|---|---|
Resource Subscriptions | Y | Y | Y | Y | Y |
Budgets | N | Y | Y | Y | Y |
Cases | N | Y | Y | Y | Y |
Dashboards | N | Y | Y | Y | Y |
Reports | N | Y | Y | Y | Y |
Recommendations | N | Y | Y | Y | Y |
Alert Rules | N | Y | Y | Y | Y |
Ramp Plans | N | Y | Y | Y | Y |
Label Grouping Rules & Preferences | N | N | Y | Y | Y |
Savings Opportunities | N | N | Y | Y | Y |
Reallocations | N | Y | Y | Y | Y |
Measure Preferences | N | N | Y | Y | Y |
Tenant-wide Settings | N | N | N | Y | Y |
User Roles & Group Configs | N | N | N | Y | Y |
Delete actions
Permissions | Limited User | Basic User | Full Access User | Tenant Admin | Partner Admin |
---|---|---|---|---|---|
Resource Subscriptions | Y | Y | Y | Y | Y |
Budgets | N | Y | Y | Y | Y |
Reports | N | N | Y | Y | Y |
Ramp Plans | N | N | Y | Y | Y |
Label Grouping Rules | N | N | Y | Y | Y |
Custom Labels & Metrics | N | N | Y | Y | Y |
Savings Opportunities | N | N | Y | Y | Y |
Reallocations | N | N | Y | Y | Y |
Kubernetes Pod Labels | N | N | N | Y | Y |
Data Integrations | N | N | N | Y | Y |
User Group Configurations | N | N | N | Y | Y |
Special actions
Permissions | Limited User | Basic User | Full Access User | Tenant Admin | Partner Admin |
---|---|---|---|---|---|
Generate Cost Compare report | N | Y | Y | Y | Y |
View Committed Use page | N | Y | Y | Y | Y |
Trigger reallocation | N | N | Y | Y | Y |
Grant/revoke tenant access | N | N | N | Y | Y |
Role summaries
Limited User - For team members who primarily need to view data and run basic reports
- View dashboards, reports and basic cost information
- Create simple items like reports and budgets
Basic User - For users actively managing costs and reporting
- Everything a Limited User can do
- Plus: Create and edit budgets, dashboards and ramp plans
- View recommendations and run comparisons
Full Access User - For power users managing complex workflows and optimizations
- Everything a Basic User can do
- Plus: Manage custom labels, metrics, reallocations and advanced reporting tools
- Trigger reallocations and manage measure preferences
Tenant Admin - For administrators managing the entire tenant
- Everything a Full Access User can do
- Plus: Full control of integrations, Kubernetes labels and user roles
- Grant or revoke access and update tenant-wide settings
Partner Admin - For MSPs managing multiple customer tenants
- Cross-tenant view of usage, costs, and configurations
- Ability to configure, update, and manage tenants
- Ideal for partners who need to support multiple customers
Role | Scope | Best for |
---|---|---|
Limited User | Single tenant | New team members who need to view data and run simple reports. |
Basic User | Single tenant | Managing budgets, dashboards, and reports. |
Full Access User | Single tenant | Power users who need advanced optimization and reporting control. |
Tenant Admin | Single tenant | Full administration and user management. |
Partner Admin | MSP Parent Tenant and all Child Tenants | Cross-tenant management, reporting, and support. |
Updated 14 days ago