Roles and Permissions Reference
Click each role to view the role permissions.
Customer Resource Hierarchy
Manages users, custom roles and assignment of roles to users in the resource hierarchy
Role Permission Value(s) | Permission Description |
---|---|
fabric.port.read | View Fabric port sessions |
iam.role.assign | Assign Roles in the resource hierarchy |
iam.role.unassign | Reassign and Unassign Roles in the resource hierarchy |
iam.role.assign | Assign Roles in the resource hierarchy |
iam.role.create | Create Roles in the resource hierarchy |
iam.role.delete | Delete Roles in the resource hierarchy |
iam.role.update | Update Roles in the resource hierarchy |
iam.customrole.assign | Assign Custom Roles in the resource hierarchy |
iam.customrole.unassign | Reassign and Unassign Custom Roles in the resource hierarchy |
iam.customrole.assign | Assign Custom Roles in the resource hierarchy |
iam.customrole.create | Create Custom Roles in the resource hierarchy |
iam.customrole.delete | Delete Custom Roles in the resource hierarchy |
iam.customrole.update | Update Custom Roles in the resource hierarchy |
iam.systemrole.assign | Assign system roles in the resource hierarchy |
iam.systemrole.unassign | Reassign and unassign system roles in the resource hierarchy |
iam.user.create | Create a new user in an organization |
Creates and manages Organizations in the Resource Hierarchy.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.create | Create Organizations in the resource hierarchy |
resourcemanager.org.read | View Organizations in the resource hierarchy |
resourcemanager.org.update | Update Organizations in the resource hierarchy |
resourcemanager.org.delete | Delete Organizations in the resource hierarchy |
resourcemanager.org.associate | Associate Organizations with Billing Account entities in the resource hierarchy |
resourcemanager.org.disassociate | Disassociate Organizations with Billing Account entities in the resource hierarchy |
billing.billingaccount.read | View Billing Accounts in the resource hierarchy |
resourcemanager.org.project.remove | Remove existing project from an organization |
resourcemanager.org.org.remove | Remove existing org from an organization |
resourcemanager.org.org.add | Add existing org to an organization |
resourcemanager.org.project.add | Add existing project to an organization |
Views Organizations and Org Resources.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.read | View Organizations in the resource hierarchy |
Creates and manages Inventory and Projects.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.project.create | Create Projects in the resource hierarchy |
resourcemanager.project.read | View Projects in the resource hierarchy |
resourcemanager.project.delete | Delete Projects in the resource hierarchy |
resourcemanager.project.update | Update Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Accounts in the resource hierarchy |
resourcemanager.project.associate | Associate Projects with Billing Accounts in the resource hierarchy |
resourcemanager.project.disassociate | Disassociate Projects from Billing Accounts in the resource hierarchy |
resourcemanager.project.resource.remove | Remove existing resource from a project |
resourcemanager.project.resource.add | Add existing resource to a project |
Views Projects and Project Resources.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.project.read | View Projects in the resource hierarchy |
Manages Billing Account associations in the Resource Hierarchy.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.project.read | View Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Accounts in the resource hierarchy |
billing.billingaccount.create | Create Billing Accounts and associations in the resource hierarchy |
billing.billingaccount.assign | Assign and Manage Billing Account associations in the resource hierarchy |
billing.billingaccount.unassign | Unassign Billing Account associations in the resource hierarchy |
billing.billingaccount.unlink | Unlink Billing Account associations in the resource hierarchy |
billing.billingaccount.view | View Billing Account associations in the resource hierarchy |
organizations.orgaccount.view | View Organization Account associations in the resource hierarchy |
projects.projectaccount.view | View Project Account associations in the resource hierarchy |
resourcemanager.org.read | View Organizations in the resource hierarchy |
Views Billing Accounts.
Role Permission Value(s) | Permission Description |
---|---|
billing.billingaccount.read | View Billing Accounts in the resource hierarchy |
resouremanager.project.read | View Projects in the resource hierarchy |
resourcemanager.org.read | View Organizations in the resource hierarchy |
Manages Partner Organizations.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.subcust.delete | Delete Sub-account level Organizations |
resourcemanager.org.subcust.read | View Sub-account level Organizations |
resourcemanager.org.partner.create | Create Partner Organizations |
resourcemanager.org.partner.update | Update Partner Organizations |
resourcemanager.org.partner.delete | Delete Partner Organizations |
resourcemanager.org.subcust.update | Update Sub-account level Organizations |
resourcemanager.org.subcust.create | Create Sub-account level Organizations |
resourcemanager.org.partner.read | View Partner Organizations |
resourcemanager.org.subcust.list | List and View Sub-account level Organizations |
resourcemanager.org.subcust.move | Manage Sub-account level Organizations |
View Partner Organizations.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.subcust.read | View Sub-account level Organizations |
resourcemanager.org.partner.read | View Partner Organizations |
Manages Sub-customer Organizations.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.endcust.move | Move End customer organizations |
resourcemanager.org.endcust.delete | Delete End customer organizations |
resourcemanager.org.endcust.list | List and View End customer organizations |
resourcemanager.org.endcust.create | Create End customer organizations |
resourcemanager.org.endcust.update | Update End customer organizations |
resourcemanager.org.endcust.read | View End customer organizations |
View Sub-customer Organizations.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.endcust.read | View End customer organizations |
Updates the Company Profile.
Role Permission Value(s) | Permission Description |
---|---|
discovery.companyprofile.read | Get Company Profile |
discovery.companyprofile.update | Update Company Profile |
resourcemanager.project.read | View Projects in the Resource Hierarchy |
Network Edge
Manages Network Edge Devices.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.project.read | View Projects in the Resource Hierarchy |
networkedge.virtualdevice.create | Create Network Edge Virtual Devices |
networkedge.virtualdevice.view | View Network Edge Virtual Devices |
networkedge.virtualdevice.modify | Modify Network Edge Virtual Devices |
networkedge.virtualdevice.delete | Delete Network Edge Virtual Devices |
networkedge.acl.create | Create Network Edge ACL Templates |
networkedge.acl.view | View Network Edge Access Control List (ACL) |
networkedge.acl.modify | Modify Network Edge ACL Templates |
networkedge.sshuser.create | Create Network Edge SSH Services |
networkedge.sshuser.modify | Modify Network Edge SSH Services |
networkedge.sshuser.view | View Network Edge SSH Services |
networkedge.vpn.create | Create Network Edge VPN Connections |
networkedge.vpn.view | View Network Edge VPN Connections |
networkedge.vpn.modify | Modify Network Edge VPN Connections |
networkedge.vpn.delete | Delete Network Edge VPN Connections |
networkedge.internetbandwidth.view | View Internet Bandwidth ACL Templates |
networkedge.internetbandwidth.modify | Modify Internet Bandwidth ACL Templates |
networkedge.acltemplate.view | View Network Edge ACL Templates |
networkedge.acltemplate.create | Create Network Edge ACL Templates |
networkedge.acltemplate.modify | Modify Network Edge ACL Templates |
networkedge.acltemplate.delete | Delete Network Edge ACL Templates |
networkedge.publickey.create | Create Network Edge Public Key |
networkedge.publickey.view | View Network Edge Public Key |
networkedge.publickey.delete | Delete Network Edge Public Key |
networkedge.publickey.modify | Modify Network Edge Public Key |
networkedge.l2connection.view | View Layer 2 (L2) Connections |
networkedge.bgp.view | View BGP Sessions |
networkedge.devicelinking.create | Create a Device Linking Group |
networkedge.devicelinking.delete | Delete a Device Linking Group |
networkedge.devicelinking.modify | Edit a Device Linking Group |
networkedge.devicelinking.view | View a Device Linking Group |
networkedge.solutionbuilder.create | Create a Solution Builder |
networkedge.solutionbuilder.delete | Delete a Solution Builder |
networkedge.solutionbuilder.modify | Edit a Solution Builder |
networkedge.solutionbuilder.view | View a Solution Builder |
Manages Network Edge Connections.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.project.read | View Projects in the resource hierarchy |
networkedge.l2connection.create | Create Layer 2 (L2) Connections |
networkedge.l2connection.view | View Layer 2 (L2) Connections |
networkedge.l2connection.modify | Modify Layer 2 (L2) Connections |
networkedge.l2connection.delete | Delete Layer 2 (L2) Connections |
networkedge.bgp.create | Create BGP Sessions |
networkedge.bgp.view | View BGP Sessions |
networkedge.bgp.modify | Modify BGP Sessions |
networkedge.bgp.delete | Delete BGP Sessions |
networkedge.virtualdevice.view | View Network Edge Virtual Devices |
networkedge.vpn.view | View Network Edge VPN Connections |
networkedge.sshuser.view | View Network Edge SSH Services |
networkedge.acl.view | View Network Edge ACL Templates |
networkedge.acltemplate.view | View Network Edge ACL Templates |
networkedge.publickey.view | View Network Edge Public Key |
networkedge.internetbandwidth.view | View Network Edge Internet Bandwidth ACL Templates |
fabric.serviceprofile.read | Read Fabric Layer 2 (L2) Service Profiles |
internetAccess.service.create | Create Equinix Internet Access service instances |
internetAccess.service.read | View Equinix Internet Access service instances |
internetAccess.service.modify | Edit Equinix Internet Access service instances |
internetAccess.service.delete | Delete Equinix Internet Access service instances |
Views Network Edge Projects and Resources.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.project.read | View Projects in the resource hierarchy |
networkedge.l2connection.view | View Layer 2 (L2) Connections |
networkedge.bgp.view | View BGP Sessions |
networkedge.devicelinking.view | View a Device Linking Group |
networkedge.virtualdevice.view | View Network Edge Virtual Devices |
networkedge.vpn.view | View Network Edge VPN Connections |
networkedge.sshuser.view | View Network Edge SSH Services |
networkedge.acl.view | View Network Edge ACL Templates |
networkedge.acltemplate.view | View Network Edge ACL Templates |
networkedge.publickey.view | View Network Edge Public Key |
networkedge.internetbandwidth.view | View Internet Bandwidth ACL Templates |
internetAccess.service.read | View Equinix Internet Access service instances |
networkedge.solutionbuilder.create | Create a Solution Builder |
networkedge.solutionbuilder.delete | Delete a Solution Builder |
networkedge.solutionbuilder.modify | Edit a Solution Builder |
networkedge.solutionbuilder.view | View a Solution Builder |
Fabric
Manages Ports, Connections, Service tokens and EIA for their organization.
Role Permission Value(s) | Permission Description |
---|---|
fabric.l2connection.create | Create Fabric Layer 2 (L2) Connections |
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
fabric.l2connection.delete | Delete Fabric Layer 2 (L2) Connections |
fabric.l2connection.update | Update Fabric Layer 2 (L2) Connections |
fabric.l3connection.create | Create Fabric Layer 3 (L3) Connections |
fabric.l3connection.read | View Fabric Layer 3 (L3) Connections |
fabric.l3connection.delete | Delete Fabric Layer 3 (L3) Connections |
fabric.l3connection.update | Update Fabric Layer 3 (L3) Connections |
fabric.ipblock.create | Create Fabric IP Blocks |
fabric.ipblock.read | View Fabric IP Blocks |
fabric.ipblock.delete | Delete Fabric IP Blocks |
fabric.ipblock.update | Update Fabric IP Blocks |
fabric.port.placeorder | Create Fabric Port Orders |
fabric.port.read | View Port Sessions |
fabric.port.placeorder | Place orders for Fabric Port |
fabric.servicetoken.create | Create Fabric Service Tokens |
fabric.servicetoken.read | View Fabric Service Tokens |
fabric.servicetoken.delete | Delete Fabric Service Tokens |
fabric.servicetoken.update | Update Fabric Service Tokens |
fabric.network.create | Create Fabric Network |
fabric.network.read | Get Fabric Network |
fabric.network.update | Update Fabric Network |
fabric.network.delete | Delete Fabric Network |
resourcemanager.project.read | View Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Account |
internetAccess.service.create | Create Equinix Internet Access service instances |
internetAccess.service.read | View Equinix Internet Access service instances |
internetAccess.service.modify | Edit Equinix Internet Access service instances |
internetAccess.service.delete | Delete Equinix Internet Access service instances |
V iew Service profiles, Ports, Connections, Service tokens and EIA.
Role Permission Value(s) | Permission Description |
---|---|
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
resourcemanager.project.read | View Projects in the resource hierarchy |
fabric.l3connection.read | View Fabric Layer 3 (L3) Connections |
fabric.serviceprofile.read | View Fabric Layer 2 (L2) Service Profiles |
fabric.l3serviceprofile.read | View Fabric Layer 3 (L3) Service Profiles |
fabric.network.read | View Fabric Network |
fabric.servicetoken.read | View Fabric Service Tokens |
fabric.port.read | View Fabric Ports |
fabric.ipblock.read | View Fabric IP Blocks |
internetAccess.service.read | View Equinix Internet Access service instances |
Manages Service profiles, Ports, Connections, Service tokens and EIA.
Role Permission Value(s) | Permission Description |
---|---|
fabric.l2connection.approve | Approve Fabric Layer 2 (L2) Connections |
fabric.l2connection.create | Create Fabric Layer 2 (L2) Connections |
fabric.l2connection.delete | Delete Fabric Layer 2 (L2) Connections |
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
fabric.l2connection.update | Update Fabric Layer 2 (L2) Connections |
fabric.l3connection.approve | Approve Fabric Layer 3 (L3) Connections |
fabric.l3connection.create | Create Fabric Layer 3 (L3) Connections |
fabric.l3connection.delete | Delete Fabric Layer 3 (L3) Connections |
fabric.l3connection.read | View Fabric Layer 3 (L3) Connections |
fabric.l3connection.update | Update Fabric Layer 3 (L3) Connections |
fabric.l3serviceprofile.create | Create Fabric Layer 3 (L3) Service Profiles |
fabric.l3serviceprofile.read | View Fabric Layer 3 (L3) Service Profiles |
fabric.l3serviceprofile.update | Update Fabric Layer 3 (L3) Service Profiles |
fabric.l3serviceprofile.delete | Delete Fabric Layer 3 (L3) Service Profiles |
fabric.servicetoken.create | Create Fabric Service Tokens |
fabric.servicetoken.read | View Fabric Service Tokens |
fabric.servicetoken.delete | Delete Fabric Service Tokens |
fabric.servicetoken.update | Update Fabric Service Tokens |
fabric.port.placeorder | Create Fabric Port Orders |
fabric.port.read | View Fabric Ports |
fabric.serviceprofile.create | Create Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.serviceprofile.delete | Delete Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.serviceprofile.read | Read Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.serviceprofile.update | Update Fabric Layer 2 (L2) and Network Edge Service Profiles |
resourcemanager.project.read | View Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Account |
fabric.network.create | Create Fabric Network |
fabric.network.read | Get Fabric Network |
fabric.network.update | Update Fabric Network |
fabric.network.delete | Delete Fabric Network |
fabric.ipblock.create | Create Fabric IP Blocks |
fabric.ipblock.read | View Fabric IP Blocks |
fabric.ipblock.delete | Delete Fabric IP Blocks |
fabric.ipblock.update | Update Fabric IP Blocks |
fabric.fabriccloudrouter.delete | Delete Fabric Cloud Router |
fabric.fabriccloudrouter.update | Update Fabric Cloud Router |
fabric.fabriccloudrouter.read | Get Fabric Cloud Router |
fabric.fabriccloudrouter.create | Create Fabric Cloud Router |
fabric.routefilter.create | Create Route Filter |
fabric.routefilter.read | Get Route Filter |
fabric.routefilter.update | Update Route Filter |
fabric.routefilter.delete | Delete Route Filter |
internetAccess.service.create | Create Equinix Internet Access service instances |
internetAccess.service.read | View Equinix Internet Access service instances |
internetAccess.service.modify | Edit Equinix Internet Access service instances |
internetAccess.service.delete | Delete Equinix Internet Access service instances |
Manages Fabric Partner Projects and Resources.
Role Permission Value(s) | Permission Description |
---|---|
fabric.port.read | View Port Sessions |
fabric.port.placeorder | Create Fabric Port Orders |
fabric.port.assign | Assign Fabric Port |
fabric.port.unassign | Unassign Fabric Port |
resourcemanager.project.read | View Projects in the resource hierarchy |
End Customer - Manages Connections, Service tokens and EIA.
Role Permission Value(s) | Permission Description |
---|---|
fabric.port.read | View Port Sessions |
fabric.l2connection.create | Create Fabric Layer 2 (L2) Connections |
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
fabric.l2connection.update | Update Fabric Layer 2 (L2) Connections |
fabric.l2connection.delete | Delete Fabric Layer 2 (L2) Connections |
fabric.l3connection.create | Create Fabric Layer 3 (L3) Connections |
fabric.l3connection.read | View Fabric Layer 3 (L3) Connections |
fabric.l3connection.update | Update Fabric Layer 3 (L3) Connections |
fabric.l3connection.delete | Delete Fabric Layer 3 (L3) Connections |
fabric.servicetoken.create | Create Fabric Service Tokens |
fabric.servicetoken.read | View Fabric Service Tokens |
fabric.servicetoken.update | Update Fabric Service Tokens |
fabric.servicetoken.delete | Delete Fabric Service Tokens |
resourcemanager.project.read | View Projects in the resource hierarchy |
fabric.network.create | Create Fabric Network |
fabric.network.read | Get Fabric Network |
fabric.network.update | Update Fabric Network |
fabric.network.delete | Delete Fabric Network |
internetAccess.service.create | Create Equinix Internet Access service instances |
internetAccess.service.read | View Equinix Internet Access service instances |
internetAccess.service.modify | Edit Equinix Internet Access service instances |
internetAccess.service.delete | Delete Equinix Internet Access service instances |
End Customer - View Ports, Connections, Service tokens and EIA.
Role Permission Value(s) | Permission Description |
---|---|
fabric.port.read | View Port Sessions |
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
fabric.l3connection.read | View Fabric Layer 3 (L3) Connections |
fabric.serviceprofile.read | Read Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.l3serviceprofile.read | View Fabric Layer 3 (L3) Service Profiles |
fabric.servicetoken.read | View Fabric Service Tokens |
resourcemanager.project.read | View Projects in the resource hierarchy |
fabric.network.read | Get Fabric Network |
internetAccess.service.read | View Equinix Internet Access service instances |
Manages Connections, Service tokens and EIA.
Role Permission Value(s) | Permission Description |
---|---|
fabric.l2connection.create | Create Fabric Layer 2 (L2) Connections |
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
fabric.l2connection.update | Update Fabric Layer 2 (L2) Connections |
fabric.l2connection.delete | Delete Fabric Layer 2 (L2) Connections |
fabric.servicetoken.create | Create Fabric Service Tokens |
fabric.servicetoken.read | View Fabric Service Tokens |
fabric.servicetoken.delete | Delete Fabric Service Tokens |
fabric.servicetoken.update | Update Fabric Service Tokens |
resourcemanager.project.read | View Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Account |
internetAccess.service.create | Create Equinix Internet Access service instances |
internetAccess.service.read | View Equinix Internet Access service instances |
internetAccess.service.modify | Edit Equinix Internet Access service instances |
internetAccess.service.delete | Delete Equinix Internet Access service instances |
Manages Service profiles, Connections and EIA.
Role Permission Value(s) | Permission Description |
---|---|
fabric.l2connection.create | Create Fabric Layer 2 (L2) Connections |
fabric.l2connection.read | View Fabric Layer 2 (L2) Connections |
fabric.l2connection.update | Update Fabric Layer 2 (L2) Connections |
fabric.l2connection.delete | Delete Fabric Layer 2 (L2) Connections |
fabric.l2connection.approve | Approve Fabric Layer 2 (L2) Connections |
fabric.serviceprofile.create | Create Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.serviceprofile.delete | Delete Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.serviceprofile.read | Read Fabric Layer 2 (L2) and Network Edge Service Profiles |
fabric.serviceprofile.update | Update Fabric Layer 2 (L2) and Network Edge Service Profiles |
resourcemanager.project.read | View Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Account |
internetAccess.service.create | Create Equinix Internet Access service instances |
internetAccess.service.read | View Equinix Internet Access service instances |
internetAccess.service.modify | Edit Equinix Internet Access service instances |
internetAccess.service.delete | Delete Equinix Internet Access service instances |
View Fabric Ports.
Role Permission Value(s) | Permission Description |
---|---|
fabric.port.read | View Port Sessions |
resourcemanager.project.read | View Projects in the resource hierarchy |
Manages Fabric Ports
Role Permission Value(s) | Permission Description |
---|---|
fabric.port.read | View Port Sessions |
fabric.port.placeorder | Create Fabric Port Orders |
resourcemanager.project.read | View Projects in the resource hierarchy |
Fabric Cloud Router
Views Fabric Cloud Router instances.
Role Permission Value(s) | Permission Description |
---|---|
fabric.fabriccloudrouter.read | Get Fabric Cloud Router |
fabric.routefilter.read | Get Route Filter |
Creates and manages Fabric Cloud Router instances.
Role Permission Value(s) | Permission Description |
---|---|
fabric.fabriccloudrouter.delete | Delete Fabric Cloud Router |
fabric.fabriccloudrouter.update | Update Fabric Cloud Router |
fabric.fabriccloudrouter.read | Get Fabric Cloud Router |
fabric.fabriccloudrouter.create | Create Fabric Cloud Router |
fabric.routefilter.create | Create Route Filter |
fabric.routefilter.read | Get Route Filter |
fabric.routefilter.update | Update Route Filter |
fabric.routefilter.delete | Delete Route Filter |
resourcemanager.project.read | View Projects in the resource hierarchy |
billing.billingaccount.read | View Billing Account |
Equinix Precision Time (EPT)
Manages EPT service.
Role Permission Value(s) | Permission Description |
---|---|
resourcemanager.org.read | View Orgs in the resource hierarchy |
billing.billingaccount.read | View Billing Accounts in the resource hierarchy |
resourcemanager.project.read | View Projects in the Resource Hierarchy |
ept.service.admin | EPT service admin |