Roles and Permissions

Automox currently supports five role-based access controls (RBAC). The user roles and permissions are described here:

Global Administrator

A global administrator can access all zones and has full administrative permissions. A global administrator can do the following:

  • View and access the Global View landing page
  • Add zones to accounts
  • Invite users to accounts
  • Add users to zones
  • Assign zone administrators
  • Assign any role to any user
  • Control all aspects of the Automox console

Note: It is recommended to keep the number of Global Administrators to a minimum.

Zone Administrator

A zone administrator has full access and administrative permissions for the assigned zone(s) only. A zone administrator has the following permissions within their zone(s):

  • Can add existing users of the account to a zone 
  • Assign the following roles: zone operator, billing administrator, or read only 
  • Control all aspects of the Automox console within the zone(s)

Note: Only Global Administrators can invite users to an account.

Zone Operator

A zone operator (formerly patch administrator) can create, read, modify, and delete all policies and server groups for a zone(s). They can add, remove, and reboot devices.

Billing Administrator

A billing administrator can modify billing settings for a zone(s).

Read Only

This user only has read access rights for the assigned zone(s).