--- Title: Create roles with cluster access only alwaysopen: false categories: - docs - operate - rs description: Create roles with cluster access only. linkTitle: Create roles with cluster access only weight: 14 aliases: - /operate/rs/security/access-control/admin-console-access/ url: '/operate/rs/7.4/security/access-control/create-cluster-roles/' --- Roles with cluster access allow access to the Cluster Management UI and REST API. ## Default management roles Redis Enterprise Software includes five predefined roles that determine a user's level of access to the Cluster Manager UI and [REST API]({{}}). 1. **DB Viewer** - Read database settings 1. **DB Member** - Administer databases 1. **Cluster Viewer** - Read cluster settings 1. **Cluster Member** - Administer the cluster 1. **Admin** - Full cluster access 1. **None** - For data access only - cannot access the Cluster Manager UI or use the REST API For more details about the privileges granted by each of these roles, see [Cluster Manager UI permissions](#cluster-manager-ui-permissions) or [REST API permissions]({{}}). ## Cluster Manager UI permissions Here's a summary of the Cluster Manager UI actions permitted by each default management role: | Action | DB Viewer | DB Member | Cluster Viewer | Cluster Member | Admin | |--------|:---------:|:---------:|:--------------:|:-----------:|:------:| | Create support package | ❌ No | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | | Edit database configuration | ❌ No | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | | Reset slow log | ❌ No | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | | View cluster configuration | ❌ No | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes | | View cluster logs | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes
| | View cluster metrics | ❌ No | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes | | View database configuration | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | | View database metrics | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | | View node configuration | ❌ No | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes | | View node metrics | ❌ No | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes | | View Redis database password | ❌ No | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | | View slow log | ❌ No | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | | View and edit cluster settings |❌ No | ❌ No | ❌ No | ❌ No | ✅ Yes | ## Create roles for cluster access {#create-cluster-role} To create a role that grants cluster access but does not grant access to any databases: 1. From **Access Control** > **Roles**, you can: - Point to a role and select {{< image filename="/images/rs/buttons/edit-button.png#no-click" alt="The Edit button" width="25px" class="inline" >}} to edit an existing role. - Select **+ Add role** to create a new role. {{ Add role with name

}} 1. Enter a descriptive name for the role. 1. Choose a **Cluster management role** to determine cluster management permissions. {{ Select a cluster management role to set the level of cluster management permissions for the new role.

Select a cluster management role to set the level of cluster management permissions for the new role.

}} 1. To prevent database access when using this role, do not add any ACLs. 1. Select **Save**. You can [assign the new role to users]({{}}) to grant cluster access.