Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Specific permissionDescriptionSuggested role
Read Orders

View account resources.

Technical, Billing
Write OrdersAdd additional account resources.Billing
Read Endpoint(s)

Write Endpoint(s)

Read Subscriber Key(s)

Write Subscriber Key(s)

Read Subscriber(s)

Write Subscriber(s)

Read IdentityView account information.Technical, Billing,
Write IdentityUpdate account information.Technical, Billing
Read Entity MetadataView notes and tags throughout the portalTechnical, Billing
Write Entity MetadataUpdate notes and tags throughout the portalTechnical, Billing
Read FirewallView account firewall rulesTechnical, Billing
Write FirewallAdd and edit account firewall rulesTechnical
Read Network IPView account IP allocations and assignments.Technical, Billing
Write Network IPAdd, update, and remove IP assignments throughout the account.Technical
Read Network L2LView L2L network tunnelsTechnical, Billing
Write Network L2LAdd, update, and remove L2L tunnelsTechnical
Read Network NatView DNAT assignments per VM.Technical, Billing
Write Network NatAdd and remove DNAT assignments.Technical
Read Network BandwidthView network transfer history.Technical, Billing
Read Notification(s)View account notifications.Technical, Billing
Read Ticket(s)View account tickets.Technical, Billing
Write Ticket(s)Create and update tickets, related servers, and recipients.Technical, Billing
Read Workload(s)View account workloads.Technical, Billing
Write WorkloadCreate, update, and remove account workloads.Technical
Read Location(s)Discover locations available for the account.Technical, Billing
Read MonitoringView account resources.Technical, Billing
Read AutoScaleView autoscale settings for workloads and VMs.
Write AutoScaleSet autoscale settings for workloads and VMs.
Read Virtual Machine StatsView graph data for VMs.Technical, Billing
Read StorageView disk and storage information for the account.Technical, Billing
Read Virtual Machine(s)View VM details.Technical, Billing
Write Virtual MachineCreate, update, and remove account VMs.Technical
Read Template(s)View template details.Technical, Billing
Write TemplateCreate, update, and remove account templates.Technical
Read Virtual Data CentersView account virtual data center details.
Write Virtual Data CentersCreate, edit, and remove account virtual data centers.
Read Connections

Write Connections

Write Secret

Read FIMView file integrity detailsTechnical, Billing
Read AVAMView antivirus and anti-malware (malware protection) detailsTechnical, Billing
Read Dashboard StatisticsView main security dashboardTechnical, Billing
Read OS PackagesView OS patching detailsTechnical, Billing
Read SSL VPN Devices and UsersView SSLVPN account users and detailsTechnical, Billing
Write SSL VPN Devices and UsersEnable SSLVPN for account usersTechnical
Update Personal IdentityUpdate Personal IdentityTechnical, Billing
View Core LicenseView Core License InformationTechnical, Billing
Update Payment InformationView/Create/Edit/Delete Payment InformationBilling
Write OrdersAdd additional account resources
Update Customer PasswordsUpdate another user's password
Read AutoscaleView autoscale settings for workloads and VMs.
Read Storage
View disk and storage information for the account.

View SubscriptionsView Marketplace subscriptions
Read TasksView task information
Write TasksUpdate task information
NEW View InvoicesView Invoices
Read LogManagementView Log Management information
Read LogSearchView Log Search information
Write AccountUpdate account information
Read Product CatalogRead Product Catalog
Global SearchPerform Global Search
Write SubscriptionsWrite Subscriptions
Scale Virtual MachineScale up and down account VMs



What's the difference between system and resource?

add notes about roles and permissions to API

How can we group these based on the type of user, such as "account specialist" or "technical specialist?"

Account role

Technical role

Security role

Admin role

The admin role should have everything included


Specific permissionSystemResourceDescription
Read Network BandwidthNetworkNetworkView network transfer history.
Read FirewallNetworkFirewallView account firewall rules
Write FirewallNetworkFirewallAdd and update firewall rules.
Read Network IPNetworkIPView account IP allocations and assignments.
Write Network IPNetworkIPAdd, update, and remove IP assignments.
Read Network L2LNetworkL2LView L2L network tunnels.
Write Network L2LNetworkL2LAdd, update, and remove L2L tunnels.
Read Network NATNetworkNATView DNAT assignments per virtual machine.
Write Network NATNetworkNATAdd and remove DNAT assignments.
Read SSL VPN Devices and UsersNetworkSSL VPNView SSL VPN account users and details.
Write SSL VPN Devices and UserNetworkSSL VPNEnable SSL VPN for account users
Specific permissionsSystemResourceDescription
Read IdentityIdentityAccountsView account information
Update Personal IdentityIdentityIdentity
Write AccountIdentityAccountsUpdate account information
Update Customer PasswordsIdentityRolesUpdate another user's password
Write IdentityIdentityRolesUpdate account information
Specific permissionsSystemResourceDescription
Read Workload(s)VPCAPPView account workloads
Write WorkloadVPCAPPCreate, update, and remove account workloads
Read Location(s)VPCLocationView locations available for this account
Read MonitoringVPCMonitoringView account resources
Read Virtual Machine StatsVPCStatsView graph data for virtual machines
Read StorageVPCStorageView disk and storage information for the account
Read Template(s)VPCTemplateView template details
Write TemplateVPCTemplateCreate, update, and remove account templates
Read Virtual Machine(s)VPCVMSView virtual machine details
Scale Virtual MachineVPCVMSUpgrade or downgrade the size of a virtual machine.
Write Virtual MachineVPCVMSCreate, update, and remove account virtual virtual machines
Read Server ReplicationVPCVMS
Writer Server ReplicationVPCVMC
Specific permissionsSystemResourceDescription
Update Payment InformationAccountBillingView, create, edit, and delete payment information.
Read Payment InformationAccountBillingView payment information.
Read ConnectionsAccountConnections
Write ConnectorsAccountConnectors
Read OrdersAccountOrdersView account resources
Write OrdersAccountOrdersAdd additional account resources
Write SecretAccountSecretCreate a password for your virtual machine?
Specific permissionsSystemResourceDescription
Read ComplianceComplianceCompliance
Write ComplianceComplianceCompliance
Specific permissionsSystemResourceDescription
Read AVAMCoreConnectionView Malware Protection details.
Read Dashboard StatisticsCoreConnectionDoes this apply now to the newly created dashboard?
Read FIMCoreConnectionView File Integrity Monitoring details.
View Core LicenseCoreLicensingIs this to view just your core information?
Read LogManagementCoreLogsView Log Management information
Read LogSearchCoreLogsView Log Search information
Write LogManagementCoreLogs
Read OS PackagesCorePackagesView OS patching details
View Vulnerability ScansCoreVulnerabilityscanning
Specific permissionsSystemResourceDescription
View InvoicesBillingInvoices
Read Product CatalogBillingProducts
View SubscriptionBillingSubscriptions
Write SubscriptionsBillingSubscriptions
Specific permissionsSystemResourceDescription
Read Entity MetadataMetaNoteView notes and tags
Write Entity MetadataMetaNoteUpdates notes and tags
Read TasksMetaTaskView task information
Write TasksMetaTaskWrite task information
Specific permissionsSystemResourceDescription
Read Notification(s)NotificationNotifications

View account notifications.

Does it matter which method you signed up for?

Specific permissionsSystemResourceDescription
Read Ticket(s)TicketTicketsView open tickets in your account.
Write Ticket(s)TicketTicketsCreate a support ticket.
Specific permissionsSystemResourceDescription
Global SearchSearchSearchSearch throughout AMP for various resource needs
Specific permissionsSystemResourceDescription
Read Endpoint(s)ArmorSecurityendpoints