Users and Roles

Ternary provides five user roles that determine what actions a user can perform in the platform. Roles are designed to provide the right level of access for different responsibilities, from basic viewing to full tenant or multi-tenant administration.

Available roles

RoleDescription
Partner AdminSpecial role for Managed Service Providers (MSPs) to access multiple customer tenants, including viewing, configuring, and managing them.
Tenant Admin (formerly Owner)Full control over the tenant, including user management, integrations, and advanced settings.
Full Access UserAdvanced permissions to create, edit, and manage most resources without tenant-level administration.
Basic User (formerly Regular User)Standard role for creating and managing dashboards, budgets, reports, and viewing most data.
Limited UserEntry-level role focused on viewing data and creating basic items like reports and dashboards.

Role comparison

Create actions

PermissionsLimited UserBasic UserFull Access UserTenant AdminPartner Admin
BudgetsYYYYY
Case & Case CommentsYYYYY
DashboardYYYYY
ReportYYYYY
Resource SubscriptionYYYYY
Savings OpportunityYYYYY
Alert RuleNYYYY
Cost Compare BillNYYYY
Ramp PlanNYYYY
Custom Labels & MetricsNNYYY
Label Grouping Rules & PreferencesNNYYY
Data IntegrationNNNYY
User & User Group ConfigurationsNNNYY
Kubernetes Pod LabelsNNNYY

View (Read) actions

PermissionsLimited UserBasic UserFull Access UserTenant AdminPartner Admin
BudgetsYYYYY
CasesNYYYY
DashboardsYYYYY
Reports & Report DataYYYYY
Resource SubscriptionsYYYYY
RecommendationsYYYYY
Savings OpportunitiesYYYYY
Cost Alerts (Anomalies)YYYYY
Ramp PlansNYYYY
Label Map & PreferencesYYYYY
Reallocations & JobsNYYYY
Data IntegrationsYYYYY
Kubernetes Pod LabelsNNYYY
Roles & User RolesNNNYY

Update (Edit) actions

PermissionsLimited UserBasic UserFull Access UserTenant AdminPartner Admin
Resource SubscriptionsYYYYY
BudgetsNYYYY
CasesNYYYY
DashboardsNYYYY
ReportsNYYYY
RecommendationsNYYYY
Alert RulesNYYYY
Ramp PlansNYYYY
Label Grouping Rules & PreferencesNNYYY
Savings OpportunitiesNNYYY
ReallocationsNYYYY
Measure PreferencesNNYYY
Tenant-wide SettingsNNNYY
User Roles & Group ConfigsNNNYY

Delete actions

PermissionsLimited UserBasic UserFull Access UserTenant AdminPartner Admin
Resource SubscriptionsYYYYY
BudgetsNYYYY
ReportsNNYYY
Ramp PlansNNYYY
Label Grouping RulesNNYYY
Custom Labels & MetricsNNYYY
Savings OpportunitiesNNYYY
ReallocationsNNYYY
Kubernetes Pod LabelsNNNYY
Data IntegrationsNNNYY
User Group ConfigurationsNNNYY

Special actions

PermissionsLimited UserBasic UserFull Access UserTenant AdminPartner Admin
Generate Cost Compare reportNYYYY
View Committed Use pageNYYYY
Trigger reallocationNNYYY
Grant/revoke tenant accessNNNYY

Role summaries

Limited User - For team members who primarily need to view data and run basic reports

  • View dashboards, reports and basic cost information
  • Create simple items like reports and budgets

Basic User - For users actively managing costs and reporting

  • Everything a Limited User can do
  • Plus: Create and edit budgets, dashboards and ramp plans
  • View recommendations and run comparisons

Full Access User - For power users managing complex workflows and optimizations

  • Everything a Basic User can do
  • Plus: Manage custom labels, metrics, reallocations and advanced reporting tools
  • Trigger reallocations and manage measure preferences

Tenant Admin - For administrators managing the entire tenant

  • Everything a Full Access User can do
  • Plus: Full control of integrations, Kubernetes labels and user roles
  • Grant or revoke access and update tenant-wide settings

Partner Admin - For MSPs managing multiple customer tenants

  • Cross-tenant view of usage, costs, and configurations
  • Ability to configure, update, and manage tenants
  • Ideal for partners who need to support multiple customers

Role

Scope

Best for

Limited User

Single tenant

New team members who need to view data and run simple reports.

Basic User

Single tenant

Managing budgets, dashboards, and reports.

Full Access User

Single tenant

Power users who need advanced optimization and reporting control.

Tenant Admin

Single tenant

Full administration and user management.

Partner Admin

MSP Parent Tenant and all Child Tenants

Cross-tenant management, reporting, and support.