Parent doc: User
A Juju user may have different abilities, according to the access level they have been granted. This document describes the various access levels and the corresponding abilities.
- Valid access levels for controllers
- Valid access levels for models
- Valid access levels for application offers
- Valid access levels for clouds
||Log in to the controller.|
||Automatically by bootstrapping a controller.
Automatically by having the username ‘admin’.
|God-mode for the controller. You can do anything that it is possible to do within a controller.|
A person logged into the
jaas controller automatically has the login role. This is automatically granted via
juju grant login everyone@external.
Since multiple controllers—and therefore multiple controller administrators—are possible, there is no such thing as an overarching “Juju administrator”. Nevertheless, a user with the superuser role is usually what people refer to as “the admin”.
||View the content of a model without changing it. Can use any of the read commands.|
||Deploy and manage applications on the model.|
||God-mode for the model.|
A controller can manage models on many clouds. With cloud-level access you can give a user permission to access one cloud but not another related to that controller.